Massachusetts Extends Data Security Regulation Deadline Once Again

Posted on by

Data security regulations introduced by the Massachusetts Office of Consumer Affairs and Business Regulation (“OCABR”) have garnered attention this year for a couple reasons.  First, the Regulations are broadly written, covering any company that handles “personal information” of Massachusetts customers or employees (as you may have guessed, this will include companies located outside of Massachusetts).  Next, the Regulations continue to make headlines as the Massachusetts OCABR makes revisions and extends the compliance deadline.  The current compliance deadline is March 1, 2010.

You can check here for the OCABR’s updated list of FAQs (including differences between the latest version of the Regulations and the version issued in February 2009).

A hearing will be held on September 22, 2009 to discuss the proposed Regulations.  While the recent revisions and the scheduled hearing indicate that Massachusetts OCABR is making efforts to try and keep the Regulations (somewhat) in line with Federal laws and also minimize the impact on certain small businesses, entities with customers or employees in Massachusetts should monitor developments.  The Regulations could definitely impact existing information security policies and/or existing data management programs.

This entry was posted in Miscellaneous, Regulation, State Compliance and tagged , , by Patrick. Bookmark the permalink.

About Patrick

Pat is a Partner and Managing Director at HedgeOp Compliance, LLC. Prior to joining the team in August of 2003, Pat served as Assistant Counsel for Baring Asset Management Inc., where he was responsible for general compliance oversight and legal support in the areas of product development, marketing and distribution. Prior to this, Pat worked for Scudder Investments with responsibility for various compliance functions within its retirement plan and trust departments. Patrick received a JD degree from New England School of Law and a B.A. from the College of the Holy Cross. Pat is certified as an Investment Adviser Certified Compliance Professional (IACCPsm) by National Regulatory Service's Center for Compliance Professionals. Pat currently runs HedgeOp's Boston office.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>