Telecommunications providers in Massachusetts will be grappling with a new data security law that legal experts indicate is among the most forward-looking in the nation. The state law requires businesses that "own, license, store or maintain personal information" on customers to encrypt that data, especially on portable devices such as laptops. That responsibility is extended from the primary business to contractors, such as telemarketing firms, and it extends to transmissions on wireless devices such as BlackBerries. "This law is very ahead of the curve," said Miriam Wugmeister, a partner with Morrison Foerster, a law firm that tracks trends in data security law. Currently, the law takes the view that companies had wide leeway to collect data — such as Social Security numbers, driver's licenses and financial account numbers — as long as it did not cause overt harm to the consumers. The Massachusetts law is reflective of European law, which places more restrictions on data collection. The legislation is not unlike rules that now govern the way hospitals protect and contain the release of patient information, Wugmeister said.
