Standards For The Protection Of Personal Information Of Residents Of The Commonwealth Of Massachusetts
What does it mean?
- The Commonwealth of Massachusetts has developed its own privacy law that applies to all persons that own or license personal information about a resident of the Commonwealth
- Establishes minimum standards for the safeguarding of personal information in both paper and electronic records in order to ensure the security and confidentiality of customer information and protect against anticipated threats and unauthorized access to personal information
Who is affected?
- All persons and businesses who collect and retain personal information in connection with the provision of goods and services or for the purposes of employment
What is the impact? (penalties and fines)
- Civil penalties of $5,000 per violation plus reasonable costs of investigation and litigation
- Fines of up to $50,000 for each instance of improper data disposal
How to reach compliance?
- Applicable individuals and businesses must develop, implement, maintain and monitor a comprehensive, written information security program to ensure the security and confidentiality of personal information in both physical and electronic formats
- If a data breach occurs, the breach must be reported to both the Office of Consumer Affairs and Business Regulation and the Attorney General
Contact Us and a Cintas Document Management expert will do a no-obligation evaluation of your facility's information management needs.