Client Alert
| February 9, 2010
Comprehensive New Massachusetts Data Security Regulation Going Into Effect on March 1, 2010 Will Affect Many National Businesses
The long-awaited and long-delayed Massachusetts regulation setting heightened standards for corporate data security will finally take effect on March 1, 2010. The regulation, "Standards for the Protection of Personal Information of Residents of the Commonwealth," (the "Regulation") applies to all businesses (i.e., not only businesses based in Massachusetts) that collect and retain "personal information"2 of Massachusetts residents in connection with the provision of goods and services or for the purposes of employment. The requirements of the Regulation for safeguarding the security of computerized and noncomputerized personal information, although designed to be flexible in their application, are the most thorough and detailed state regulations of this type in the nation to date. Initial enforcement measures, and litigation challenging the Regulation, may follow in the coming year.
For more information, please contact your Dewey & LeBoeuf relationship partner, or one of the following:
This memorandum is intended only as a general discussion of these issues. It is not considered to be legal advice. We would be pleased to provide additional details or advice about specific situations. For additional information on this important topic, please feel free to call upon your Dewey & LeBoeuf relationship partner. No part of this publication may be reproduced, in whole or in part, in any form, without our prior written consent.
For further information on Dewey & LeBoeuf, please visit www.dl.com. +1 888 532 6383