Hooray for transparency: Massachusetts puts data breach archive online
The state’s announcement:
The Office of Consumer Affairs and Business Regulation today announced the online public availability of its Data Breach Notification Archive.
The Massachusetts Data Security Law (M.G.L. c.93H) requires any entity that keeps a Massachusetts resident’s personal information to notify affected residents, the Office of Consumer Affairs and Business Regulation, and the Attorney General’s Office anytime personal information is accidentally or intentionally compromised. The information maintained by the Office of Consumer Affairs was previously only available through Public Records Requests.
“The Data Breach Notification Archive is a public record that the public and media have every right to view,” said Consumer Affairs Undersecretary John Chapman. “Making it easily accessible by putting it online is not only in keeping with the guidelines suggested in the new Public Records law, but also with Governor Baker’s commitment to greater transparency throughout the Executive Office.”
The updated Public Records Law, signed by Governor Charlie Baker in June, mandated the placement of certain public records online. Individual agencies were authorized to post public record information of significant interest that agencies deems appropriate.
The Office of Consumer Affairs and Business Regulation along with its five agencies work together to achieve two goals: to protect and empower consumers through advocacy and education, and to ensure a fair playing field for all Massachusetts businesses. The Office also oversees the State’s lemon laws, data breach reporting, and home improvement contractor programs, and the State’s Do Not Call Registry. Follow the office at its blog, on Facebook, and on Twitter @Mass Consumer.
Although the press release doesn’t seem to tell us where to actually find the archive, you can find it here.