Massachusetts Attorney General Maura Healey recently announced that her office will be launching a new online data breach reporting portal for companies to use to report data breaches to her office pursuant to the Massachusetts data breach notification statute.
The use of the portal is voluntary and does not relieve companies of their statutory obligations, including notifying the Massachusetts Office of Consumer Affairs and Business Regulation (which has changed its location and address).
AG Healey will also soon provide an electronic database that residents can use to view information about data breaches, including which businesses have reported data breaches, when the data breach was reported and the estimated number of Massachusetts residents affected by the incident.
According to Healey, her office has been notified of 21,000 breaches since 2007, including 3,821 incidents that affected more than 3.2 million Massachusetts residents in 2017.