Code of Massachusetts Regulations
940 CMR - OFFICE OF THE ATTORNEY GENERAL
Title 940 CMR 27.00 - Safeguard Of Personal Information
Section 27.01 - Scope, Purpose, and Other General Provisions
Current through Register 1531, September 27, 2024
(1) Applicability. These regulations are applicable to the Office of the Attorney General ("AGO").
(2) Purpose. The Attorney General promulgates 940 CMR 27.00, relating to the Safeguard of Personal Information, pursuant to her authority in M.G.L. c. 93H, § 2 (c).
(3) The purpose of 940 CMR 27.00 is to effectuate the purpose of M.G.L. c. 93H, that is, to: ensure the security and confidentiality of consumer and employee information in a manner fully consistent with industry standards; to protect against anticipated threats or hazards to the security or integrity of such information; and to protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any resident of the commonwealth.
(4) Scope. These regulations govern the collection, maintenance, and disclosure of "personal information" as defined by M.G.L. c. 93H, § 1(a), and 940 CMR. 27.00, et seq., by the AGO.
(5) Consistency. These regulations should be read consistently with other state or federal laws and regulations applicable to the AGO and already in place, including but not limited to the public records laws (e.g., M.G.L. c. 66, § 10; the Fair Information Practices Act, M.G.L. c. 66A, § 1, et seq.; the Criminal Offender Record Information Act, M.G.L. c. 6, §172, et seq.; 940 CMR 11:00, et. seq.).
(6) Limitation. These regulations are not intended to establish a standard of care or create any independent private right, remedy, or cause of action on the part of any employee, consumer, or other third party on account of any action the AGO takes or fails to take in relation to the Written Information Security Program ("WISP").