Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
What's the story with these ads on Slashdot? Check out our new blog post to find out. ×
Security

Submission + - Massachusetts data security law, 201 CMR 17.00->

emeraldd writes: This is a rather scary law, I'd have to say it is practically un-enforcable: "Here are the basics of the new law. If you have personally identifiable information (PII) about a Massachusetts resident, such as a first and last name, then you have to encrypt that data on the wire and as it’s persisted. Sending PII over HTTP instead of HTTPS? That’s a big no no. Storing the name of a customer in SQL Server without the data being encrypted? No way, Jose. You’ll get a fine of $5,000 per breach or lost record. If you have a database that contains 1,000 names of Massachusetts residents and lose it without the data being encrypted that’s $5,000,000. Yikes."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Massachusetts data security law, 201 CMR 17.00

Comments Filter:

panic: kernel trap (ignored)

Working...