Massachusetts Law About Identity Theft
ID Theft: The US Government's Central Website for Information About Identity Theft, Federal Trade Commission. Includes detailed information for consumers on what to do if you're a victim, as well as information for businesses and law enforcement, and links to federal and state laws.
MGL c.93H: Security Breaches. Enacted in 2007, mandates reporting of personal data breaches, disposal of personal information and gives the consumer the ability to place a security freeze on their credit reports.
MGL c.266, s. 37E: Use of personal identification of another; identity fraud; penalty; restitution
Interim Guidelines for the Protection of Personal Identifying Data in Publicly Accessible Court Documents, Effective September 1, 2009
201 CMR 16: Placing, Lifting and Removal of Security Freezes.
201 CMR 17: Standards for the Protection of Personal Information of Residents of the Commonwealth (effective March 1, 2010)
940 CMR 27: Safeguard of Personal Information
EO 504: Order Regarding the Security and Confidentiality of Personal Information
Fair and Accurate Credit Transactions Act of 2003 (FACTA), Pub. L. 108-159, 111 Stat. 1952. Highlights of the law include: 1) requirement that the three major credit reporting agencies provide consumers with a free copy of their own credit report every 12 months, 2) National Fraud Alert System through which consumers who suspect fraud can place an alert on their credit files and 3) requirement that account numbers on credit card receipts be truncated so that those who may have access to the receipts do not have access to consumers' names and full credit card numbers.
Identity Theft and Assumption Deterrence Act of 1998, Pub. L. 105-318, 112 Stat. 3007. Federal Trade Commission. Provides access to full text of the federal law.
Identity Theft Penalty Enhancement Act, Pub. L. 108-275, 118 Stat. 831, July 2004. Federal law that increases penalty for certain types of identity theft.
16 CFR 682.3, Disposal of Consumer Report Information and Records. Regulations promulgated under FACTA on proper disposal of consumer information.
Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003; Final Rule, November 9, 2007. Changes affect several CFR sections.
201 CMR 17 Compliance Checklist, Office of Consumer Affairs and Business Regulation. "a useful tool to aid in the development of a written information security program for a small business or individual that handles "personal information." Each item, presented in question form, highlights a feature of 201 CMR 17.00 that will require proactive attention in order for a plan to be compliant."
Attorney General's Guide on Identity Theft for Victims and Consumers, Mass. Attorney General. Includes tips for avoiding identity theft, and what to do if it happens to you.
Authentication in an Internet Banking Environment, Federal Financial Institutions Examination Council. Guidance requires increased security for online banks, beginning in 2006. Financial institutions are free to design their own security systems that meet these guidelines.
Facts on FACTA, Privacy Rights Clearinghouse. "The Fair and Accurate Credit Transaction Act of 2003, Pub. L. 108-159, 111 Stat. 1952., (FACTA) added new sections to the federal Fair Credit Reporting Act, 15 U.S.C. 1681 et seq., (FCRA) intended primarily to help consumers fight the growing crime of identity theft. Accuracy, privacy, limits on information sharing, and new consumer rights to disclosure are included in FACTA. This is all good news for consumers. However, consumers came out on the losing end when Congress virtually barred states from adopting stronger laws."
Frequently Asked Questions Regarding 201 CMR 17, Mass. Office of Consumer Affairs. Very basic information about the regulations in a question and answer format.
Identity Theft, Executive Office of Public Safety and Security. Provides basic information in the following areas: What is identity theft?, How significant is the problem?, How is it committed?, How can you avoid becoming a victim? and What should you do if you are a victim?
Identity Theft: Protect Your Credit Score, Host Merchant Services. Introductory information on how to prevent it, how to detect it, and what to do if it happens to you, with lots of links to sources for more information.
OnGuard: ID Theft, Onguard.gov. Site developed by cooperating federal agencies provides steps to take if you believe your information has been compromised, and links to additional information from government agencies.
Patrick Administration Issues Comprehensive Identity Theft Prevention Regulations and Executive Order. Explains the provisions of 201 CMR 17 and EO 504, above.
Security Freeze Information: Massachusetts, Consumers Union. In question and answer format, outlines how to place a security freeze and what happens once you've done so. Includes sample letters to credit reporting agencies.
Stopping Identity Theft: 10 Easy Steps to Security, Nolo, 2009. Identity theft-what's the problem? -- Know your credit report -- Keep prying eyes off your financial accounts -- Secure your online presence -- Spot ID theft scams before they spot you -- Be a savvy shopper -- Take control of your data -- Clamp down on thefts of your health coverage -- Watch your family's back -- Have a safe trip -- React quickly if your identity is stolen -- Stay ahead of the curve. Requires Library Card for access.
Surviving Theft of Financial Identity, Mass. Office of Consumer Affairs. What to do when it happens to you.
Take Charge: Fighting Back Against Identity Theft, Federal Trade Commission. Explains steps to take if you believe you are a victim of identity theft.
Data Security and Identity Theft, MCLE, 2009.
Drafting Employment Documents in Massachusetts, MCLE, loose-leaf. Exhibit 9D in the 2010 Supplement: "Advisory of Mass. Data Security Law."
Stopping Identity Theft: 10 Easy Steps to Security, Nolo, 2009.