Mass. Officials Discuss Data Security Regs
PRIVACY LAW—U.S.January 7, 2011
In the Workplace Privacy Counsel blog, Ellen Giblin of Littler Mendelson's Privacy & Data Protection Practice Group shares insight from a recent IAPP KnowledgeNet event at which officials from the Massachusetts Attorney General's Office and Office of Consumer Affairs and Business Regulation (OCABR) discussed their investigations into and enforcement of the almost one-year-old Massachusetts Data Security Regulations (201 CMR 17). The AG and OCABR share enforcement responsibilities for the regs, which took effect last March. Scott Shafer, the AG's chief of consumer protection, said the AG receives three to four data breach notifications daily and the office reviews each report closely to identify warning signs that may indicate noncompliance with the regulations, according to the report.