As a flurry of new laws are being passed by state and federal governments to protect personal information, companies are quickly finding their processes and practices are not in compliance with new regulations and they must act quickly to protect their company, employees, and customers.

A new Massachusetts privacy law is a game changer; it is the first in a series of laws that will be passed in the US and it is set to take effect on March 1. When this new law goes into effect in just a couple of weeks, few companies will be compliant. The new law says that any company in the United States that possesses personally identifiable information (PII) pertaining to customers or employees that are Massachusetts residents, will be required to create an inventory of all paper and electronic records and media that contain PII, maintain a written security policy that includes disciplinary measures for violations, and further they must perform regular threat assessments.

Massachusetts is the first state demanding companies take proactive measures to protect the PII and other confidential information of their residents, and more states are sure to follow suit. All companies will be impacted by these regulations, and since many companies will not be compliant on the March 1 deadline they will have to act quickly to ensure they are meeting the requirements of this new law.