Is Your Business in Compliance with Massachusetts Personal Information Privacy Laws?
On March 1, 2010, the Massachusetts law implementing “Standards for the Protection of Personal Information of Residents of the Commonwealth,” MA 201 CMR 17, went into effect. The law requires that businesses and individuals receiving, storing, maintaining, processing, or otherwise accessing personal information have written information security procedures.
While significant time has passed since the laws were enacted, many individuals and businesses still aren’t fully aware of the requirements, potential risks, and penalties for noncompliance.
Definition of “Personal Information”
Personal information is defined as “a Massachusetts resident’s first name and last name or first initial and last name in combination with any one or more of the following data elements that relate to such resident: (a) Social Security number; (b) driver’s license number or state-issued identification card number; or (c) financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to a resident’s financial account.” Source: www.mass.gov
What’s at Risk?
In addition to reputation damage to a business, the financial costs of not complying with the Massachusetts privacy regulations can be significant. The Massachusetts attorney general may seek a temporary restraining order or a preliminary or permanent injunction against any entity suspected of violating the Regulations. If a court finds that the regulations were violated, it may impose civil penalties of up to $5,000 per violation, court costs and attorneys’ fees. For example, if 100 customers have their information breached, $5000 x 100 = $500,000.
If you were unaware of the law or have not developed written security procedures, please visit the links below for additional information.
Cyber Liability Insurance Offers Support if a Breach Occurs
Beyond preparing procedures to comply, you can reduce your financial risk for various situations through Cyber Liability Insurance coverage. Some of the types of claims that may occur include:
- Accidental release of confidential customer information
- Spreading a virus into a customer’s computer system
- Theft of customer’s credit card or banking account numbers
- Derogatory comments made online about a competitor by an employee
- Denial of service attack hacking
- Electronic data extortion or destruction
- Webmaster using another site’s content in site development
While no policy covers every situation, having this specialized coverage can help if a database breach happens despite your prevention efforts.
To discuss Cyber Liability Insurance for your company, please Contact Us.
Visit Our Business Insurance Page
Murphy Insurance stands as your steadfast partner in safeguarding your business from unforeseen challenges in today’s dynamic business landscape. In an era where comprehensive business insurance is not just a prudent choice but a vital one for ensuring the long-term stability and security of your enterprise, we are here to offer our expertise. Running a business inherently entails various risks that can potentially impact your financial stability and reputation. Learn more about our comprehensive business insurance solutions, which are meticulously designed to protect you from these potential threats, granting you peace of mind necessary to focus on the growth and prosperity of your business.