Most Popular I've Been Mugged Posts
Editor's Picks: Must-Read Posts About Identity Theft

Massachusetts Regulators Adopt Tougher Identity Theft Rules

Last week, the Boston Globe newspaper reported:

"The regulations, issued by the Massachusetts Office of Consumer Affairs and Business Regulation, require companies that handle personal information such as credit card accounts and Social Security numbers to encrypt data stored on laptops, monitor employee access to data, and take other steps to protect customer information, beginning Jan. 1. Governor Deval Patrick also signed an executive order requiring state agencies to take similar measures."

After the TJX Companies / TJ Maxx data breach, in 2007 Governor Patrick signed new legislation for Massachusetts residents requiring companies to notify consumers of data breaches, new data protection and disposal rules for companies and state agencies, and new Security Freeze laws to help consumers. Back in August 2008, the I've Been Mugged blog reported the continual data breach problems nationwide. In June, we discussed the poor state of data security by companies. It's good to see the Boston Globe also summarize the continual problem of data breaches:

"Since then, companies have reported nearly 320 security breaches to the state, affecting more than 625,000 residents. Many involved stolen laptops and hard drives. In three of four cases, the data were not encrypted or protected by a password."

While the new, stronger rules are a step in the right direction, Massachusetts legislators need to do more. Consumers need Anti-Skimming laws for protection against RFID identity theft. The State of Massachusetts should also publish copies of the data breach notifications it receives, so consumers have convenient access to these documents. Online access to these documents has many benefits, including help consumers verify data breach notification letters as authentic and not spam.

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.