Today, the Massachusetts Office of Consumer Affairs and Business Regulations (OCABR) issued proposed amendments to the Massachusetts information security regulations, 201 CMR 17.00 to 17.05 (.doc). The highlights of the proposed regulations include the following:
- Enforcement of the regulations is postponed until March 1, 2010.
- Businesses affected by the regulations include anyone that “receives, maintains or otherwise has access to personal information in connection with the provision of goods or services or in connection with employment.”…