Massachusetts recently announced that it is extending the compliance deadline for its new data security law.  This will give businesses a little extra time to comply with the law, which requires “any business that collects personal information of state residents to encrypt all portable devices, wireless transmissions and public networks.”

The Massachusetts law goes beyond most state data breach notification legislation by actually including encryption requirements.  The Mass law could become a model for other states.

Data Security