Smaller companies challenged to comply with Massachusetts’ data privacy rules
Jill Gambon reports:
Eight months after the state’s tough, new data privacy regulations went into effect, many businesses are still sorting through the rules and working to bring their firms into compliance.
The regulations, which went into force in March, are intended to protect a consumer’s personal information from identity theft and other privacy breaches and to spell out steps that businesses must take to ensure data is secured. Some large companies — particularly those in the finance and health care industries that are already subject to data security laws like the Health Insurance Portability and Accountability Act (HIPAA) — had privacy measures in place, which helped get them ready for Massachusetts’ regulations. However, for many smaller and midsize companies that have not been subject to data security laws before, complying with the rules is a longer and often more painful process.
Read more in Mass High Tech