There’s a new Massachusetts regulation that affects nonprofits that access or store personal information provided by residents in the state. Do you accept gifts from Bay State donors and process their credit cards? Process or save copies of their checks? Are you seeing or holding the Social Security numbers of constituents?
A “yes” to any of these brings your organization within the purview of Title 201 of the Code of Massachusetts Regulations Section 17.00, Standards for the Protection of Personal Information of Residents of the Commonwealth. And compliance isn’t pretty.