Can someone clarify who this applies to? "persons who own or license personal information about a resident of the Commonwealth of Massachusetts" defined as:
Owns or licenses, receives, stores, maintains, processes, or otherwise has access to personal information in connection with the provision of goods or services or in connection with employment. Person, a natural person, corporation, association, partnership or other legal entity, other than an agency, executive office, department, board, commission, bureau, division or authority of the Commonwealth, or any of its branches, or any political subdivision thereof. Because those people, as of two days ago are to perform "Encryption of all transmitted records and files containing personal information that will travel across public networks, and encryption of all data containing personal information to be transmitted wirelessly" AND "[e]ncryption of all personal information stored on laptops or other portable devices . . http://www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf?mtcCampaign=-1&mtcEmail=13086283 Does that mean if my company does business with someone in Mass that any personal data of theirs I have needs to be encrypted when transmitted or stored on my systems? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
