[Hidden-tech] New Massachusetts Encryption Law

Roger Williams roger at qux.com
Thu Feb 26 12:17:55 EST 2009

Previous message: [Hidden-tech] New Massachusetts Encryption Law
Next message: [Hidden-tech] New Massachusetts Encryption Law
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> David Korpiewski <davidk at cs.umass.edu> writes:

  > I was just notified about a new Massachusetts data encryption law that is
  > going into effect May 1, 2009.  It is pretty harsh and requires all data
  > with personal information to be encrypted, even on backup tapes.

IMHO, 201 CMR 17.00 is long overdue.

Fortunately for folks responsible for implementing it, on 2/12 the Mass Office
of Consumer Affairs and Business Regulation issued a few amendments -- and
another extension.

Under the extension, the rules will now take effect 1 January 2010.

(The amendments make the standard for third party vendor relationships more
reasonable, and -- for some unknown reason -- omit the requirement for
encryption to personal data transmitted over public networks or wireless
communications.)

-- 
Roger Williams <roger at qux.com>
Chief Technical Officer, Qux Corporation
433 West Street, Suite 8, Amherst, MA 01002, USA
Tel +1 413 253-6400 * Fax +1 508 302-0230 * GSM +1 508 287-1420

Previous message: [Hidden-tech] New Massachusetts Encryption Law
Next message: [Hidden-tech] New Massachusetts Encryption Law
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Hidden-discuss mailing list