Massachusetts Launches New Online Breach Reporting Form
On Monday, February 5, 2018, the Massachusetts Attorney General’s Office (AGO) sent an e-mail blast regarding their new online form for businesses needing to report breaches under Chapter 93H of the Massachusetts General Laws. As of February 1, 2018, the AGO has a new online form that businesses may use for reporting such breaches in lieu of sending a paper letter or e-mail to the AGO; however the AGO still allows both those reporting methods. Using the new online form also allows the business notifying the AGO of the breach to attach additional documents to the notification, e.g. a sample of the breach notice sent to affected Massachusetts residents. While the AGO does not require businesses to use the new online form, it believes that the new form will be more useful and efficient. The new online form can be accessed from the AGO’s website here. Additionally, in the coming weeks Massachusetts expects to launch a breach notification database, allowing persons to search breaches reported by businesses, when such breaches occurred and how many residents the breach affected.
It is worth noting that the United States Health and Human Services Office of Civil Rights has a similar database for HIPAA breaches that affected over five hundred persons. The Health Care community colloquially dubbed that database the “Wall of Shame.” We will wait and see if the Massachusetts database receives any nickname.