Resources for

Massachusetts extends compliance deadline on new data-encryption rules

www.computerworld.com

Companies that have to comply with tough new regulations mandating the use of encryption and other security controls for protecting the personal data of Massachusetts residents are being given more time to do so. Last Friday, the state's Office of Consumer Affairs and Business Regulation (OCABR) extended the compliance deadline from Jan. 1 to May 1. In its announcement, the OCABR said the extension was prompted by current economic conditions and is designed to give more flexibility to companies that may be experiencing financial difficulties. Businesses now have until next May to ensure that they and their third-party service providers are in compliance with regulations set by the OCABR to implement the data breach provisions in the state's consumer protection law. In addition, the deadline for obtaining written certification from third-party providers that they meet the requirements has been pushed back to Jan. 1, 2010.

View the Resource

Share or bookmarklet this web page at: