What You Need to Know About New Massachusetts
Data Security Law 201 CMR 17.00
EXECUTIVE SUMMARY: As of March 1st, 2010, everyone who holds personal information about Massachusetts residents must protect it. The Regulation (link below) defines the terminology, and the PowerPoint® overview (link below) gives the penalties (slide 18). Fines can be $5k per Violation / $50k per Instance, and $100 per Resident affected. Several government agencies, plus the affected Resident(s), must be notified of a breach (slide 15). The Regulation Compliance Checklist gives a good run-down of the requirements.
RESOURCES:
The Regulation:
http://www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf
Regulation Compliance Checklist:
http://www.mass.gov/Eoca/docs/idtheft/compliance_checklist.pdf
FAQs:
http://www.mass.gov/Eoca/docs/idtheft/201CMR17faqs.pdf
PowerPoint® overview:
http://drop.io/massisspresentation
WISP example:
http://www.201cmr17.com/Sample%20Information%20Security%20Policy.htm
Compliance assistance:
http://www.naplia.com/cmr17/compliance.html
More Info:
http://www.naplia.com/cmr17/
http://www.201cmr17.com/
A process to redact personal information from documents:
http://www.adobe.com/designcenter/acrobat/articles/acr8at_redact_print.html
An encryption tool:
http://www.truecrypt.org/
Digital ID source:
http://www.verisign.com/authentication/individual-authentication/digital-id/
Links current as of 9 Feb., 2010. The inclusion of links does not imply endorsement.
Information is provided as a source of public information and is not legal advice or opinion, or a solicitation for engagement.