Welcome news for companies that maintain personal information of Massachusetts residents: The state’s Office of Consumer Affairs and Business Regulation has once again eased and delayed new identity theft regulations that require companies to encrypt personal information stored on portable devices or transmitted wirelessly or on public networks.
The latest delay, announced Feb. 12, gives companies an extra eight months to prepare for the new rules, which now take effect Jan. 1, 2010. The regulations were originally scheduled to take effect on Jan. 1, 2009, but were later delayed until May 1 of this year.
