Yes, this has been a major issue for CPA firms dealing with MA clients.
On Fri, Mar 12, 2010 at 3:05 PM, David Mazzaccaro < [email protected]> wrote: > That's what I interrupt it as. > Just had a webinar on this last week. > > > ------------------------------ > *From:* David Lum [mailto:[email protected]] > *Sent:* Friday, March 12, 2010 2:59 PM > *To:* NT System Admin Issues > *Subject:* Massachusetts law about encryption > > Can someone clarify who this applies to? > > “persons who own or license personal information about a resident of the > Commonwealth of Massachusetts” defined as: > > > > *Owns or licenses, *receives, stores, maintains, processes, or otherwise > has access to personal information in connection with the provision of goods > or services or in connection with employment. > > * * > > *Person*, a natural person, corporation, association, partnership or other > legal entity, other than an agency, executive office, department, board, > commission, bureau, division or authority of the Commonwealth, or any of its > branches, or any political subdivision thereof. > > > > Because those people, as of two days ago are to perform “Encryption of all > transmitted records and files containing personal information that will > travel across public networks, and encryption of all data containing > personal information to be transmitted wirelessly" AND "[e]ncryption of all > personal information stored on laptops or other portable devices . . > > > > > http://www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf?mtcCampaign=-1&mtcEmail=13086283 > > > > Does that mean if my company does business with someone in Mass that any > personal data of theirs I have needs to be encrypted when transmitted or > stored on my systems? > > *David Lum** **// *SYSTEMS ENGINEER > NORTHWEST EVALUATION ASSOCIATION > (Desk) 971.222.1025 > *// *(Cell) 503.267.9764 > > > > > > > > > . > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
