March 1st Deadline to Update Vendor Contracts under Mass. Privacy Law

As of March 1st, businesses that handle personal information of Massachusetts residents must update vendor contracts to comply with the Mass. Code for “Standards for the Protection of Personal Information of Residents of the Commonwealth.” Since March of 2010, businesses that handled personal information Description: Description: Mass State Houseof Massachusetts residents have been required to establish minimum standards for safeguarding personal information contained in both paper and electronic records through a Written Information Security Program (“WISP”). Existing contracts with vendors and service providers were “grandfathered” from specific requirements of the Code. As of March 1, 2012, all vendors and suppliers that handle Mass. residents’ personal information must have written provisions in their contracts to comply with the Code, including a WISP. Businesses must either amend existing contracts with their vendors and suppliers, or create new ones to address the Code requirements. Contact Roger Hood to learn more.