Blog
Stolen Laptop Results in $15,000 Fine In Massachusetts
Blog
April 4, 2012
Maloney Properties Inc., a Massachusetts property management company, recently agreed to pay $15,000 in civil penalties after an employee’s laptop, containing the personal information of approximately 620 residents, was stolen from the employee’s car. In addition to the civil penalties, the company entered to an Assurance of Discontinuance, in which the company agreed to comply with the provisions of its own “Written Information Security Program,” ensure that company-owned laptops and portable devices are kept in a secure location at all times, ensure that personal information maintained on portable devices is encrypted, and train its workforce on its policies and procedures for safeguarding personal information. In a recent press release, Massachusetts Attorney General Martha Coakley stated, "It is incredibly important that businesses ensure that laptops and other technology have the necessary encryption to protected consumers from identity theft. We will continue to make sure that companies understand their responsibilities under the data privacy laws and are held accountable when they do not adhere to them."
TIP: While Massachusetts is one of the few states with very clear data protection laws on the books, most states have notice laws that require disclosure to individuals in the event of a breach. This case serves as a reminder that state attorneys general may look closely at data breach issues. Having clear security standards in place, and ensuring they are followed, can help avoid breach situations. For unavoidable events, it is important to have a plan in place that not only provides notice, but also quickly addresses potential attorney general concerns.
This entry has been created for information and planning purposes. It is not intended to be, nor should it be substituted for, legal advice, which turns on specific facts.