Data Security Law Effective March 1st, 2010

As you may be aware, on March 1, 2010 the recently approved "Standards for Protection of Personal Information " (M.G.L. c.93H) will take effect for all Massachusetts companies.

The law establishes minimum standards for the safeguarding of a persons information for any Business that "receives stores or otherwise has access to personal information". Personal information is defined as having a persons first and last name, with anyone or more of the following data elements: social security number, license number or financial account number.

If applicable, your duties under this new law are to develop a Written Information Security Plan (WISP) which outlines the safeguards you have taken to prevent the release of any information. This includes encryption of desktop, laptop and handheld items if they contain client information.

For more information and some Frequently Asked Questions please download: www.mass.gov/Eoca/docs/idtheft/201CMR17faqs.pdf

Commercial Links

• www.massrmv.com - Massachusetts Registry of Motor Vehicles
• www.nadaguides.com - NADA Consumer Pricing Guide to New & Used Automobiles
• www.wcribma.org/mass - Massachusetts Worker's Compensation Rating & Inspection Bureau
• www.mass.gov/oca - Massachusetts Office of Consumer Affairs & Business Regulation
• www.state.ma.us/doi - Massachusetts Division of Insurance
• www.iihs.org - Insurance Institute for Highway Safety
• www.fema.gov - Federal Emergency Management Agency (FEMA)
• www.iii.org/smallbusiness - Insurance Information Institute, small business resource.