Complying with Massachusetts’ Strict New Data Security Regulations by May 1, 2009 January 14, 2009

The Massachusetts Office of Consumer Affairs and Business Regulation recently issued new and far-reaching regulations requiring by May 1, 2009 that “all persons that own, license, store or maintain personal information about a resident of the Commonwealth” comply with strict requirements to safeguard such personal information.

The regulations require businesses throughout the country that handle personal information of Massachusetts residents (e.g., first name or initial and last name, in conjunction with SSN, driver’s license or credit card number) to:

Establish a comprehensive information security program
Encrypt all wirelessly transmitted data and documents sent over “public networks” or saved on laptops or flash drives
Obtain certifications from third-party vendors that they, too, have comprehensive information security programs that comply with the regulations
Businesses that regularly handle sensitive personal information about employees and customers — especially those in the healthcare, securities, banking and retail industries — will be particularly affected by these new regulations. These businesses will need to act now in order to meet the May 1 deadline for compliance; violations of the regulations could lead to severe penalties and civil liability.

Come learn more about the new regulations, including:

An overview of the new regulations and enabling legislation, including definitions and timelines, and a comparison of state and federal regulatory requirements
Specific insights from IT specialists on the requirements of the comprehensive information security program
Tips for Human Resources personnel in dealing with confidential employee information
Strategies for developing a plan in the event of a data security breach and handling breaches when they occur

When
Wednesday, January 14, 2009
8:00 am - Registration and Breakfast
8:30 to 10:00 am - Presentation and Q&A

Where
Bingham McCutchen LLP
One Federal Street, 13th Floor
Boston, MA 02110

Speakers
Mark E. Robinson, Bingham White Collar Defense and Business Regulation Group Co-Chair, handles complex legal and business problems involving the government, including several recent representations in data breach and identity theft matters. His experience includes representing clients in matters related to securities fraud, health care, insurance, antitrust, banking, environmental, procurement fraud, false claims, FCPA, commercial bribery and espionage, financial and accounting misconduct, RICO, internal investigations, and compliance problems. Mark’s experience includes six years as a trial lawyer and federal prosecutor, conducting federal criminal and grand jury investigations nationwide (including two years as deputy chief of the Criminal Division of the United States Department of Justice in Washington, D.C.); seven years as Chairman of the Board of Directors of the Massachusetts Port Authority; and two years as Secretary of Administration and Finance (CFO) of the Commonwealth of Massachusetts.

Beth I.Z. Boland, Bingham Securities Litigation and Corporate Governance Partner, concentrates her practice on consumer/shareholder class actions, corporate governance and securities issues. She has particular expertise in class actions involving claims of invasion of privacy, and has represented numerous clients in connection with government investigations, including those involving data breaches at the Massachusetts Attorney General’s Office and the Office of Consumer Affairs and Business Regulation. A former president of the Women’s Bar Association of Massachusetts, she is a frequent speaker and commentator on issues relating to class actions and government investigations.

Douglas T. Schwarz, Bingham Labor and Employment Partner, represents public and private companies in all aspects of labor and employment law, including privacy law. He counsels clients on human resource matters, including addressing workplace privacy and safety issues; developing and administering human resource policies, manuals and handbooks and employee benefit plans; compliance with statutory and regulatory requirements in areas such as overtime pay and disability accommodation; planning and managing reductions in force; and developing and implementing affirmative action and diversity plans. Doug previously served as a commissioner of the Massachusetts Commission Against Discrimination, a role in which he oversaw the investigation of claims of discrimination, mediated discrimination disputes, and adjudicated cases at public hearings.

Frank Rudewicz, UHY Advisors Forensic, Litigation & Valuation Services Group Managing Director, is a recognized expert on security, investigations and workplace violence prevention. An attorney, Frank has over 26 years of experience integrating the law enforcement, legal and corporate communities. Frank has significant domestic and international experience investigating fraud, designing and managing corporate asset protection programs, and investigating and assessing workplace violence and other employee misconduct. His experience includes compliance and security assessments (including co-drafting security industry guidelines for Information Protection), corporate program development, and computer forensics.

RSVP
This seminar is complimentary. RSVP by giving your contact information to Meghan Stanton at [email protected] or 617.951.8924