February 7, 2023

Volume XIII, Number 38


February 06, 2023

Subscribe to Latest Legal News and Analysis

Massachusetts Information Security and Privacy Act Sent to “Study”

It does not look as though Massachusetts will be state number 6 to enact a comprehensive data privacy law – or at least not the one that people have been talking about.  The Massachusetts Joint Committee on Health Care Financing has voted to send House Bill 4514, An Act Establishing the Massachusetts Information Security and Privacy Act to “study.”  This action by the influential legislative committee signals that this particular bill is not likely to advance during the current legislative session which concludes at the end of the calendar year.

HB 4514 would have updated and expanded many data privacy and security laws in Massachusetts and would have impacted consumers and businesses alike.  For example, the bill would have mandated that companies provide notices on how customers’ personal information is used and would have limited how such information could be used.  The bill would have provided consumers with a right to opt-out of targeted advertising and would have established a private right of action for security breaches.

By taking this action, the Health Care Financing Committee is keeping HB 4514 under its purview but, contrary to the designation of a “study”, will not further review the merits of the bill.  The bill is essentially shelved by the committee.  However, there are a variety of procedural and tactical ways in which the provisions of this bill could be revived in the coming months; for instance, any legislator could file the bill or any of its provisions as an amendment to any other relevant bill that may be advancing in the legislature.  In addition, there is a nearly identical bill under review in the Massachusetts Senate, S. 2687.  Thus, there is still an outside chance that the legislature could debate and pass legislation related to data privacy and security before the end of the year.

©1994-2023 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.National Law Review, Volume XII, Number 153

About this Author

Cynthia Larose Privacy Attorney Mintz Levin
Chair, Privacy & Cybersecurity Practice

Cynthia is a highly regarded authority in the privacy and security field and a Certified Information Privacy Professional (CIPP). She handles the full range of data security issues for companies of all sizes, from start-ups to major corporations. Cynthia is masterful at conducting privacy audits; crafting procedures to protect data; advising clients on state, federal, and international laws and regulations on information use and data security; helping organizations respond to breaches; and planning data transfers associated with corporate transactions. She is an in-...

Dan Connelly ML Strategies
ML Strategies - Senior Vice President and Compliance Officer

Dan is Vice President of Government Relations for ML Strategies. He has been directing policy in Massachusetts and the New England region for more than a decade. Dan represents trade associations and businesses across industries with interests before the executive, legislative, regulatory and municipal areas of government throughout New England.

Most recently, Dan served as Legislative Counsel in the Boston office of a large, international law firm. He previously served as the chief legal counsel to the Massachusetts Senate Committee on Ways and...