Web-based service will help reduce potential damage to Bay State residents

Lawmakers in Massachusetts have launched a new portal that allows businesses and organizations to provide data breach notifications online.

The service, which was introduced on Friday by Massachusetts Attorney General Maura Healey, streamlines the breach notification process by removing the need for organizations to mail a hard copy notice.

Enacted in 2007, the Massachusetts Data Breach Notification Law requires businesses and others that own or license personal information of Massachusetts residents to notify the Office of Consumer Affairs and Business Regulation and the Office of Attorney General when they know or have reason to know of a breach of security.

“Data breaches are damaging, costly and put Massachusetts residents at risk of identity theft and financial fraud – so it’s vital that businesses come forward quickly after a breach to inform consumers and law enforcement,” said Attorney General Healey.

“This new feature allows businesses to more efficiently report data breaches so we can take action and share information with the public.”

Since November 2007, the Attorney General’s Office has received notice of more than 21,000 breaches, with 3,821 breaches reported in 2017 affecting more than 3.2 million residents.

A database that allows members of the public to view information online about reported data breaches is expected to be available on the Attorney General’s website in the coming weeks.

It will allow consumers to see which businesses have reported data breaches and when, as well as the estimated number of affected Massachusetts residents.