MA regulatory monitoring

201 CMR 17 (data security regs) and every new privacy bill in Massachusetts.

High — applies to anyone with MA-resident customer/employee data, no size threshold

Get MA alerts Browse MA bills
Law
201 CMR 17 (data security regs)
Effective
2010-03-01
Status
enacted

What the law requires

Compliance obligations

  • 01 Written information security program (WISP) required for anyone holding MA resident personal info
  • 02 Encryption of personal data in transit and on portable devices
  • 03 Vendor management — written contracts requiring third parties to implement equivalent safeguards

Penalties

Up to $5,000 per violation under MA consumer protection law, plus breach notification obligations

Recent MA bills

View all →
H327 introduced

Regulating surgical assistants

1. **ONE-SENTENCE SUMMARY:** This bill aims to establish regulations and licensing requirements for surgical assistants in Massachusetts. 2. **KEY REQUIREMENTS:** - Surgical assistants must be lic…

H326 introduced

Relative to pipefitting licensure

1. **ONE-SENTENCE SUMMARY:** This bill relates to the licensing requirements for pipefitting professionals in Massachusetts. 2. **KEY REQUIREMENTS:** - Ensure that all pipefitters employed by your…

H325 introduced

Relating to sales at certain venues

1. **ONE-SENTENCE SUMMARY:** This bill regulates the sale of alcoholic beverages at specific venues in Massachusetts. 2. **KEY REQUIREMENTS:** - Ensure that any venue selling alcoholic beverages c…

H321 introduced

Regulating body art

1. **ONE-SENTENCE SUMMARY:** This bill aims to require body piercing practitioners to obtain a license from the Department of Public Health in Massachusetts. 2. **KEY REQUIREMENTS:** - Obtain a li…

Stay current on MA

Get the next MA bill in your inbox.

Free weekly digest. One state, no card required.