References for Mass 201 CMR 17.00

Here is a list of references for my discussion of the new data protection law (and for insomniacs everywhere):

• California SB 1386

• The first notification law

• Privacy Rights Clearinghouse

• A depressing litany of failure

• Data Loss Database

• Another loss list, sortable and downloadable

• Failure you can carry with you

• Nevada Title 52, Chapter 597

• How NOT to make data protection law

• Scroll to the very bottom to see a one-sentence afterthought

• Massachusetts Executive Order 504

• 201CMR17 doesn't apply to state government, but this does

• 201 CMR 17.00: Standards for The Protection of Personal Information of Residents of the Commonwealth

• The regulations

• Frequently Asked Questions Regarding 201 CMR 17.00

• 201 CMR 17.00 Compliance Checklist

• This could actually be useful

• Extended Deadlines for provisions of 201 CMR 17.00

• Fiscal Effect and Small Business Impact Statement

• Spinning an unfunded mandate

• Small Business Guide for Formulating a Comprehensive Written Information Security Program

• Some more detail on expectations

• Some utter nonsense, too

• Like the bit about building access

• MGL Chapter 93H

• The Massachusetts breach notification law

• The foundation for 201 CMR 17.00

• Report on the MGL Chapter 93H Notifications

• Summary of breach notifications for the first ten months

• Requirements for Security Breach Notifications under Chapter 93H

 

Jack