Extension Provided for Compliance with New Massachusetts Data Security Regulation -- Tiered Compliance Dates Now in Effect
November 18, 2008

The firm's Information Security and Privacy Practice Group provides an update on a compliance extension to Massachusetts’s new data security regulation, which was first described in an advisory distributed on Oct. 2.

Specifically, the State has extended the deadline for all aspects of compliance with the state’s new data security regulation from January 1, 2009 to May 1, 2009, except for an additional extension for third-party contractor certification and general mobile device encryption to January 1, 2010.