Alert October 28, 2008

Massachusetts Office of Consumer Affairs and Business Regulation Provides Guidance Regarding Personal Information Safeguards Requirements

The Massachusetts of Consumer Affairs and Business Regulation has provided guidance regarding its new regulations requiring all entities that own, license, store or maintain personal information about a resident of the Commonwealth of Massachusetts to develop, implement and maintain a comprehensive written information security program and make specific computer information security requirements.  The regulations, which have a January 1, 2009 compliance date, are discussed in detail in a Goodwin Procter Client Alert available here.

The newly issued guidance consists of the following: