A big thank you to Brandon Dunlap and Brett Myers for catching an error I made in my January 1 post…

The compliance date for Massachusetts 201 CMR 17.00 has been pushed back to May 1, 2009.
The deadline for requiring written certification from third-party providers verifying compliance with this law was also pushed back to January 1, 2010.
The Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) is holding a public hearing on January 16 to receive oral and written testimony on the state’s decision to extend the compliance date.
The notice of public hearing, which includes information on the time and location of the hearing and where to send written or e-mailed comments, is available here.

Tags: awareness and training, data protection law, Information Security, IT compliance, IT training, Massachusetts law, policies and procedures, privacy law, privacy training, risk management, security training

This entry was posted on Saturday, January 3rd, 2009 at 9:25 pm and is filed under Laws & Regulations, Privacy and Compliance. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.