Rule

The Massachusetts Standards for the Protection of Personal Information of Residents of the Commonwealth, 201 CMR 17.00, go into effect today, March 1, 2010.  The regulations impose strict data security requirements on every business that owns or licenses “personal information” about a resident of Massachusetts, regardless of where the business is located or does business.

The Massachusetts Standards for the Protection of Personal Information of Residents of the Commonwealth, 201 CMR 17.00, go into effect today, March 1, 2010. The regulations impose strict data security requirements on every business that owns or licenses “personal information” about a resident of Massachusetts, regardless of where the business is located or does business.

On Friday, October 30, 2009, the FTC announced that it was delaying enforcement of its Red Flags Rule until June 1, 2010.

Today, the Massachusetts Office of Consumer Affairs and Business Regulation ("OCABR") filed its final amendments to the state's data security regulations, which impose specific requirements on entities for safeguarding the personal information of Massachusetts residents. The OCABR will make its amendments public next Monday, but has already stated that it didn't make any major changes and only clarified language regarding contracts between persons who own or license personal information and third-party service providers. The updated regulations are scheduled to take effect on March 1, 2010.

The Massachusetts Office of Consumer Affairs and Business Regulation announced amendments yesterday to its identity theft regulations, including an extension of the compliance deadline to March 1, 2010.

On Wednesday, July 29, 2009, the FTC extended the enforcement deadline for the Red Flags Rule until November 1, 2009.

The FTC has created a template to help "low risk" entities comply with the new Red Flags rules. "Low risk" entities are  those whose business practices are such that it would be hard to use a false identity, such as working with customers known to the employees personally or providing services at customers' homes.