In September 2008, Massachusetts enacted a sweeping new privacy law to protect the personal information of Massachusetts residents that went into effect on March 1, 2010. If you do business with residents of Massachusetts or have employees that reside in Massachusetts, you must comply.
The Massachusetts law is the first in the nation to require specific technology when protecting personal information. Both “data at rest” and “data in transit” over a public network, such as the Internet, that contain personal information must be encrypted.
Personal information is defined as a Massachusetts resident’s name in combination with one of the following – with or without a security code, access code, PIN, or password that would permit access to a resident’s financial account:
This new legislation affects all organizations that own or license personal information of Massachusetts residents – regardless of the size or location of the business. And, organizations must require and oversee that third-party service providers with access to personal information also comply with the new law. Organizations affected include:
Download a complete copy of the Massachusetts Privacy Law to assess the impact on your organization.
If you are a small business, review the small business checklist published by the Massachusetts Office of Consumer Affairs and Business Regulation (OCBAR).
Coviant Software offers a suite of managed file transfer products that encrypt your data before, during, and after transit. Click below to start a free trial of Basic Edition, Standard Edition, or Enterprise Edition now. Or, contact us at 781.210.3310 for more information or to request a quote.