|
U.S. PIRG Consumer Blog
« Consumer groups win auto safety lawsuit against government |
Main
| 26 groups demand public interest principles in any bailout »
September 24, 2008
Massachusetts issues data protection rules
Massachusetts regulators (their release, detailed regulations, Boston Globe story) have issued data protection rules for businesses, implementing its recent identity theft law, which was enacted following a spate (TJ Marshalls and other TJX stores, Hannaford Stores and Harvard U, etc) of high-profile data breaches right in the hub of Red Sox Nation. In addition, Governor Deval Patrick has issued an executive order "requiring all state agencies to immediately take steps to implement security measures consistent with the requirements established by OCABR's regulations for private companies." From the Globe:
Shortly after the TJX incident, Patrick signed sweeping legislation requiring companies to notify the state of future security breaches and ordering the consumer affairs agency to craft new regulations. [...] After business groups raised objections to an early draft of the rules, Crane said, the agency made several changes. [...] Still, Eric Bourassa, a consumer advocate for the Massachusetts Public Interest Research Group, said he is pleased with the final version.
Posted by Ed Mierzwinski at September 24, 2008 07:56 AM
Post a comment
|
