Mass AG talks about Data Breach Regulations and recent incidents

The key points:

- Enforcement is shared by the Massachusetts Attorney General's Office and the Office of Consumer Affairs and Business Regulation.
- The AG is receiving a daily average of three to four data breach notifications.
- Scott Shafer advised businesses to notify his office in virtually all cases of a suspected breach.
Although encryption can be regarded as a “safe harbor” from the statutory breach notification obligation, that is not the case where the breach also compromised the encryption key, which (according to Shafer) occurs with relative frequency.

Sources: IAPP Daily Dashboard, Original source Workplace Privacy Counsel Blog

Posted via email from ken5m1th