From what I read of this Massachusetts data encryption law, it appears as though it really only applies to the following situations: (1) wireless communication (2) Portable media (3) communication of records over a public network (4) the keeping of paper records in some kind of secure way (locked file cabinets) Does anyone know if it requires encryption of databases on a LAN where the databases are only used internally? I have a Access database used internally for record keeping which contains personal identification numbers, however it doesn't leave the walls of the building in any situation. Thanks David rdmurray at bitdance.com wrote: > On Thu, 26 Feb 2009 at 11:16, David Korpiewski wrote: >> I was just notified about a new Massachusetts data encryption law that >> is going into effect May 1, 2009. It is pretty harsh and requires >> all data with personal information to be encrypted, even on backup >> tapes. I'm trying to find a software solution that will use software >> encryption when backing up to a tape library one of the companies I >> work for already owns. Does anyone know of any backup software that >> supports software encryption when dumping data to tape? > > Google is your friend :) There appear to be lots of options. > >> Also, I have SQL servers and Access databases with personal data (that >> I did not create, but maintain). Does anyone know how to encrypt >> this data? > > According to the press release (but one should probably double check > with a lawyer :( ), you only have to worry about it if it is on > portable media. If this data is on a laptop or other portable disk, > then your easiest path is probably to look into an encrypting file system. > > --RDM -- =========================================== David Korpiewski Software Specialist I CSCF - Computer Science Computing Facility Department of Computer Science Phone: 413-545-4319 Fax: 413-577-2285 ===========================================