What is the Massachusetts Standards ?
Standards for the Protection of Personal Information of Residents of the Commonwealth (the Massachusetts Standards) is a comprehensive data protection and privacy law in the United States.
This regulation issued by the Department of Consumer Affairs and Business Regulation pursuant to Massachusetts General Law Chapter 93H will require every business that licenses or owns personal information of Massachusetts residents to comply with the minimum security standards set forth in the regulation.
The Massachusetts Standards require any natural person or entity that owns or licenses personal information of a Massachusetts resident to implement a written information security program with appropriate administrative, technical, and physical safeguards. Such safeguards must be consistent with those set forth in state and federal regulations to which a business is subject, including data breach notification laws, HIPAA, and the Gramm-Leach-Bliley Act.
This solution will provide your organisation guidance on how to gain and maintain compliance with the Standards for the Protection of PII of Residents of the Commonwealth.