The Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) has filed its final information security regulations and will be making them public this week. The final rules appear to have been tweaked only slightly from the draft regulations issued on August 17, 2009.
Tag Archives: OCABR
Still Wondering What Changes Massachusetts Made to the State’s Information Security Regulations? Here’s a Redline of the Revisions to 201 CMR 17.00.
As we reported on August 17th, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) has promulgated a revised set of information security regulations (201 CMR 17.00 et seq.) and will hold a meeting for public comment on September 22, 2009. For those who are still wondering what revisions were made, here is a redline comparison of the amendments (.pdf). More
ALERT: Massachusetts Proposes Revised Information Security Regulations, Delays Enforcement Until March 1, 2010
Today, the Massachusetts Office of Consumer Affairs and Business Regulations (OCABR) issued proposed amendments to the Massachusetts information security regulations, 201 CMR 17.00 to 17.05 (.doc). The highlights of the proposed regulations include the following:
- Enforcement of the regulations is postponed until March 1, 2010.
- Businesses affected by the regulations include anyone that “receives, maintains or otherwise has access to personal information in connection with the provision of goods or services or in connection with employment.”…
Massachusetts Regulators Present on New Information Security Rules – June 5, 2009, Suffolk University Law School
On Friday, June 5, 2009, Suffolk University Law School’s Center for Advanced Legal Studies organized a thorough presentation on the Massachusetts information security rules. These presentations were led by a pair of notable Massachusetts regulators: Scott D. Schafer, the head of privacy enforcement for the Massachusetts Attorney General and David A. Murray, the chief architect of the Massachusetts identity theft regulations for the Officer of Consumer Affairs and Business Regulation (OCABR).… More
ALERT: Massachusetts Gives Businesses Until January 1, 2010 to Adopt Information Security Programs To Comply With Recent Identity Theft Regulations
On Thursday, February 12, 2009, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) issued a public statement indicating that it is extending the May 1, 2009 deadline to comply with recent Massachusetts identity theft regulations until January 1, 2010.
The Massachusetts identity theft regulations affect entities that own, license, store or maintain personal information, including social security numbers, state identification numbers and financial account information,… More
ALERT: Massachusetts Gives Businesses Until May 1, 2009 to Adopt Comprehensive Information Security Programs To Comply With Recent State Identity Theft Regulations
On Friday, November 14, 2008, Massachusetts regulators announced that they will give affected businesses until May 1, 2009 to comply with new identity theft regulations. This move parallels the October announcement by the Federal Trade Commission that it is delaying enforcement of federal identity theft regulations until the same day.