Massachusetts data breach reporting law: I know what the law says. Or do I?

I recently attended an event where Scott Schafer, Chief of the Consumer Protection Division of the Massachusetts Attorney General’s office, reiterated the AG’s take on some aspects of MGL 93H, the Massachusetts data breach reporting law. Specifically, Assistant AG Schafer put forward a very strict interpretation of the definition of breach in 93H, covering when you must report a breach. The AG’s office has an interpretation of when you must report a breach that is substantially different than most people I have spoken with on the topic.

Full Article

Source: blog.uncommonsensesecurity.com
#government#dataloss#infosec

3 notes

  1. ataferner posted this