Guryan Quoted On Challenges of New Massachusetts Data Security RulesBusiness Insurance April 4, 2010
Barry Guryan, a Member of the Firm in the Labor and Employment and the Health Care and Life Sciences practices in the Boston and New York offices, was quoted in Business Insurance magazine on stringent new Massachusetts data security regulations.
The article, "Data Security Law Sparks Concerns: Massachusetts rule may boost exposure for companies," stated that the new rules apply to any company that has personal information on a Massachusetts resident regardless of whether the business is based in the state.
One challenge for businesses, noted Guryan, is the requirement of encryption of certain personal data that is communicated over a public network or is transmitted wirelessly.
"In some cases, it may be easier for some companies to not distinguish between Massachusetts' personal information and others,'" said Guryan. "On the other hand, that may be so onerous to other companies that it is not a practical solution."
The statute provides for a fine of $5,000 per violation, but it is unclear whether that applies to a single data breach or whether it applies to every person affected by a data breach.