Massachusetts has recently issued sweeping new regulations applicable to all entities that own, license, store or maintain personal information about Massachusetts residents. The regulations, which are technically specific and demand the implementation of administrative, electronic and physical safeguards, will become effective on January 1, 2009.
This summary highlights several components of these regulations.