The following article was brought to my attention yesterday:

http://www.sqlmag.com/print/sql-server/A-New-Law-that-Will-Change-the-Way-You-Build-Database-Applications.aspx

 

It references the following article:

http://www.informationweek.com/news/security/government/showArticle.jhtml?articleID=224400426&queryText=massachusetts%20cmr

 

These articles describe a new data protection law for the state of Massachusetts – any “personally identifiable information” (such as first and last name) for any resident of the state of Massachusetts must be encrypted in your database and “over the wire”.  Fines may be levied in the order of $5000 per instance.  Organizations based outside the state of Massachusetts (having information about residents of the state of Massachusetts in their databases) are affected as well.



__________ Information from ESET NOD32 Antivirus, version of virus signature database 5072 (20100429) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com