I'm assuming this could have some far reaching consequences for managing
PII for Massachusetts initially, but potentially for others.

Seeing as a "zip code" which is shared by hundreds of thousands of people
and as "unique" as it gets is down to maybe 4000 homes when a "plus four"
is appended to it,  is now considered to be protected information... does
this mean anyone who has documents/data stored with third-party providers
in either paper or electronic form requires a Business Associates Agreement
to protect them from exposing this data?

I'm also wondering if similar to the "security breach" laws in California,
which protect the information of anyone who is a CA resident, even if it is
stored outside of the State, will apply to this transactional data for MA
residents for transactions with out-of-state vendors?  Given people
purchase many high value items with credit cards now to increase their
bonus points or free airline miles, many purchase contracts for credit card
purchases will include addresses and zip codes.  Even an invoice from a
hotel has your zip code on it.

[log in to unmask]

*Lawrence J. Medina
Danville, CA
RIM Professional since 1972***

List archives at
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]