Mass AG talks about Data Breach Regulations and recent incidents

The key points:

- Enforcement is shared by the Massachusetts Attorney General's Office and the Office of Consumer Affairs and Business Regulation.
- The AG is receiving a daily average of three to four data breach notifications.
- Scott Shafer advised businesses to notify his office in virtually all cases of a suspected breach.
-
Although encryption can be regarded as a “safe harbor” from the statutory breach notification obligation, that is not the case where the breach also compromised the encryption key, which (according to Shafer) occurs with relative frequency.

http://privacyblog.littler.com/2011/01/articles/data-security/massachusetts-attorney-general-reviews-2010-data-breach-and-data-security-regulations-compliance/

Sources: IAPP Daily Dashboard, Original source Workplace Privacy Counsel Blog http://privacyblog.littler.com

Posted via email from ken5m1th