The Bay State Raises The Bar On Personal Data Security: Are You In Compliance?
by Jeffrey D. Neuburger and Natalie Newman Proskauer Rose LLP
Newly effective regulations promulgated under Massachusetts' recent data security law, Mass. Gen. Law ch. 93H, have raised the bar for data security compliance. Even companies that were compliant with applicable law prior to the enactment of the Regulations are obligated to review where they stand in light of these new requirements. Furthermore, companies outside of Massachusetts cannot ignore the Regulations - their effect is national and international in scope, as they apply to all companies - wherever located - using personal data of Massachusetts residents.
...
IANALB, this sounds like nonsense. If some bureaucrat in Boston called up a company in a foreign country and tried to dictate "data security" to them, the most likely response (s)he'd get would be "You and what army"?
I would have thought that law firms had more class than to send fear-mongering missives like this: it sounds suspiciously similar to a local TV station teasing the evening news.
Bill Horne Moderator