Massachusetts General Law 93H & 93I

Massachusetts General Laws 93H & 93I

are in effect! Are you compliant?

Click me

What is Massachusetts General Law 93H & 93I?

93H requires all businesses in Massachusetts to take serious measures to prevent identity theft. Any business holding the name of a Massachusetts resident and their Social Security Number, Driver’s License Number, or financial account number (including credit or debit card numbers) is subject to this new  Massachusetts data protection law.

What are you required to do?

  1. Have controls on employees’ access of sensitive information, including physical security safeguards, computer user access levels and user authentication protocols.

  2. Detail security measures on computer information systems, including data encryption, anti-virus and anti-spyware software, and firewalls.

  3. Periodic review of audit trails and monitoring of systems for unauthorized access.

  4. Proper disposal (shredding, pulverizing) of sensitive information

93I requires a written policy regarding the disposal of sensitive information. By downloading the compliance packet at the top of this page, you will be able to see an example of a written policy (written information security policy) by viewing Safeguard Records Management's WISP.

What are the penalties for non-compliance?

  1. A violation of 93H levies fines of up to $5000 per record compromised.

  2. A violation of 93I levies fines of up to $100 per record compromised with a maximum of $50,000.

  3. This does not take into consideration the loss of your company’s hard-earned reputation and the potential loss of credit.

Your Partner in 93H & 93I compliance

 Safeguard Records Management can partner with your firm, business, or office to help ensure your compliance with Massachusetts General Laws 93H & 93I by providing secure, documented and certified shredding of sensitive Massachusetts resident information as well as aiding in the formulation of your own Written information Security Policy. By filling out the form to the right, you are one step closer to reaching compliance with 93H & I.


Read the full text 93H here –

Read the full text 93I here –