In updating state records laws, the bay state has opened to the public the archive of reported data breach incidents, heightening the importance of compliance with state data security laws and avoiding security breaches.
Massachusetts' new Data Breach Notification Archive provides details of each breach reported to have affected state residents, with details on the suffering company/organization, types of data breached, number of affected state residents, and more. Getting your company listed here paints an even more embarassing target on your company's back after having suffereed a data security breach, making it one more reason to avoid such a predicament.
Massachusetts' data security regulations can potentially ensnare any company/organization, even if it is not located in the state (as the Women & Infants Hospital of Rhode Island discovered in 2015), so compliance is key. Consult the Insights Association's members-only white paper on Massachusetts data security obligations and breach notification requirements to get on track. Keeping on top of all the other state data security laws (depending on where researchers and their respondents are located) would also be advisable. Research professionals should properly involve employees in data security efforts, appropriately dispose of data you don’t need, review and/or audit data security practices and policies, and prepare potential responses to a data breach. After all, even the most insignificant of companies can suffer from, and be punished for, data security breaches.
If you're ready to take more serious steps, Insights Association company/organization members can adopt the ISO information security standards, get customized information protection assistance, and secure cybersecurity and professoinal liability insurance.
This information is not intended and should not be construed as or substituted for legal advice. It is provided for informational purposes only. It is advisable to consult with your attorney on the precise scope and interpretation of any laws/regulation/legislation and their impact on your particular business.