Data breach notification legislation is becoming increasingly stringent across the U.S. Massachusetts’s Data Breach Notification Act was updated in January 2019, with the updates taking effect on April 11, 2019.
Key changes to be aware of:
- Organizations must report whether they have a written information security program (among other information) to the Attorney General and Office of Consumer Affairs and Business Regulation if they experience a breach
- If subsidiaries experience a breach, the parent company may also be liable for the incident
- If an organization finds out about a breach affecting a Massachusetts resident, the organization must notify the resident without unreasonable delay.
- Organizations that have experienced a breach will be listed on the website of the Office of Consumer Affairs and Business Regulation
The importance of having a written information security program
A written security program is an important part of an ISMS (information security management system). An ISMS offers a systematic approach that accounts for the three key pillars of information security: people, processes, and technology.
ISO/IEC 27001:2013 (ISO 27001) is the international standard that provides the specification for an ISMS. Implementing an ISO 27001-compliant ISMS demonstrates that your organization is following information security best practice, and delivers an independent, expert assessment of whether your data is adequately protected.
Data breaches can result in significant reputational damage. As organizations that experience a breach must now be listed on the website of the Office of Consumer Affairs and Business Regulation, exposure to negative reputational or brand impacts increases.
Protect your organization
Our certified ISO 27001 training courses are in high demand! Book now to secure a place on our upcoming classes.
Save up to $500 if you book before January 31, 2019.
Take advantage of our special holiday offer
more than $500 to receive $50 off
Spend more than $1,000 to receive $100 off
Spend more than $2,000 to receive $200 off
Spend more than $5,000 to receive $500 off
automatically at checkout. No promo code is required.
Sale ends on January 31, 2019. Save here >>