Massachusetts law requires businesses holding the personal data of a Massachusetts resident to take measures to prevent identity theft. The law applies to nearly all Massachusetts businesses, non-profits, and universities, as well as many nationwide businesses with customers in Massachusetts.
Personal Data Compliance (PDC) and the website PersonalDataCompliance.com help businesses create a roadmap of measures that must be taken to comply with the law.
Examples of personal data include a person’s name in any combination with their social security number, driver’s license number, or financial account number, such as a credit or debit card.
Every organization must take compliance seriously, as breaches may result in government action including financial penalties, liability in civil suit, contractual risk, and even risk insurance coverage.
PDC helps businesses and organizations quickly and cost effectively navigate and comply with the new law. Using a step-by-step interface, PDC facilitates the effort to analyze information security, identify risks, and develop a WISP for their organization. PDC then dynamically generates the WISP and stores the data, making annual reviews and updates easy for ongoing compliance. PDC provides monthly updates to clients stay aware of changes, trends, and modifications that may affect their companies going forward.