April 2, 2012
On March 21st the Massachusetts Attorney General announced that a property management firm was fined $15,000 after the theft of a company laptop containing the personal information of over 600 Massachusetts residents.
According to the Massachusetts Attorney General, an employee of the property management company had a laptop containing unencrypted personal information stolen from her car during the night. This incident was found to be in violation of Massachusetts’ Data Breach Regulation.
In addition to paying $15,000 in civil penalties the company must:
- Ensure that personal information is not unnecessarily stored on portable devices;
- Ensure that all personal information stored on portable devices is properly encrypted;
- Ensure that all portable devices containing personal information are stored in a secure location; and
- Effectively train employees on the policies and procedures with respect to maintaining the security of personal information