Businesses holding personal information of Massachusetts residents have at least one thing to be thankful for this holiday season. As reported here, Massachusetts earlier this year established strict standards for protection of personal information about Massachusetts residents. Those standards include encryption of electronic data when stored or transmitted and were set to take effect January 1, 2009.
In light of current economic conditions, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) delayed the general compliance deadline until May 1, 2009 – the same date the FTC’s new red flag rules take effect (as reported here, here and here).