The clock is ticking in Massachusetts where businesses have until March 1, 2010 to secure any customer or employee personal information.

This recent Patriot Ledger article contains good information about the new laws put in place after the TJX data breach and other high profile incidents.

Beginning in March, that data is required to be encrypted on any mobile device such as laptops or portable USB drives. The precaution follows several high-profile cases in which company data was accessed from stolen laptops, including the names and Social Security numbers of 800,000 applicants for jobs at the Gap in 2006 and 2007.

Data Security