This regulation implements the provisions of M.G.L. c. 93H relative to the standards to be met by persons who own or license personal information about a resident of the Commonwealth of Massachusetts. This regulation establishes minimum standards to be met in connection with the safeguarding of personal information contained in both paper and electronic records. The objectives of this regulation are to insure the security and confidentiality of customer information in a manner fully consistent with industry standards; protect against anticipated threats or hazards to the security or integrity of such information.
Massachusetts Attorney General is very serious about protecting residents and businesses from identity theft. It doesn’t matter if the information was used in a crime or the age of the documents, the mere fact that documents were disposed of in an improper manner will find that company or individual answering to the Attorney General’s office and in wrong side of the law.