New Massachusetts Privacy Laws – Data Destruction
[Updated October 15, 2009 for compliance with new amendments to the regulations]
by Stephen E. Meltzer, Esq., CIPP
Data Destruction Requirements
Chapter 93I, which was enacted along with Chapter 93H, contains specific requirements regarding the destruction of data after there is no longer a legitimate need for retention. The Statute requires, with regard to documents in paper form, that they be subject to redaction, burning, pulverizing, and/or shredding such that personal information cannot be read or reconstructed. With respect to personal information stored on electronic media, the media also needs to be destroyed in such a fashion that personal information cannot be read or reconstructed.
Coupled with these requirements are various data retention rules and regulations. An intelligent data retention policy will incorporate the timing and process requirements for data destruction and be compliant with all of these rules.
Popularity: 30% [?]
Related posts:
- New Massachusetts Privacy Laws – Who is Regulated [Updated October 15, 2009 for compliance with new amendments to the regulations]...
- Introduction to the New Massachusetts Privacy Laws [Updated October 15, 2009 for compliance with new amendments to the regulations]...
- New Massachusetts Privacy Laws – Computer Security [Updated October 15, 2009 for compliance with new amendments to the regulations]...
- New Massachusetts Privacy Laws – Breach Notification Requirements [Updated October 15, 2009 for compliance with new amendments to the regulations]...
- New Massachusetts Privacy Laws – The WISP [Updated October 15, 2009 for compliance with new amendments to the regulations]...
- New Massachusetts data privacy regulations posts updated I went back yesterday and updated the posts outlining the new Massachusetts...
Support the LCA Trust