Just one week remains before all entities that store or transmit personal information about Massachusetts residents must comply with the state's new security regulations. With the March 1 deadline looming, the Boston Herald reports that small businesses and other organizations are concerned about compliance, especially when it comes to the costs related to developing new policies and providing employee training. In addition to mandating encryption of any personal information that organizations store on portable devices or transmit online, the law also requires written data security plans. "What we're trying to do is create a culture of security around personal information," says Barbara Anthony, undersecretary of the Massachusetts Office of Consumer Affairs and Business Regulation.
If you want to comment on this post, you need to login.