The key points: - Enforcement is shared by the Massachusetts Attorney General's Office and the Office of Consumer Affairs and Business Regulation.
- The AG is receiving a daily average of three to four data breach notifications.
- Scott Shafer advised businesses to notify his office in virtually all cases of a suspected breach.
- Although encryption can be regarded as a “safe harbor” from the statutory breach notification obligation, that is not the case where the breach also compromised the encryption key, which (according to Shafer) occurs with relative frequency. http://privacyblog.littler.com/2011/01/articles/data-security/massachusetts-attorney-general-reviews-2010-data-breach-and-data-security-regulations-compliance/ Sources: IAPP Daily Dashboard, Original source Workplace Privacy Counsel Blog http://privacyblog.littler.com
- The AG is receiving a daily average of three to four data breach notifications.
- Scott Shafer advised businesses to notify his office in virtually all cases of a suspected breach.
- Although encryption can be regarded as a “safe harbor” from the statutory breach notification obligation, that is not the case where the breach also compromised the encryption key, which (according to Shafer) occurs with relative frequency. http://privacyblog.littler.com/2011/01/articles/data-security/massachusetts-attorney-general-reviews-2010-data-breach-and-data-security-regulations-compliance/ Sources: IAPP Daily Dashboard, Original source Workplace Privacy Counsel Blog http://privacyblog.littler.com
Posted via email from ken5m1th
No comments:
Post a Comment