The Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) has promulgated notices that it is soliciting public input on possible changes to its toughest protection rules in the nation at 201 CMR 17.00, as well as to the related 201 CMR 16.00 requirements that companies subject to a data breach must offer security freeze services to affected consumers who reside in the Commonwealth.

A live public comment session is scheduled for Tuesday, July 14, 2015, from 1:00-2:30 PM in the State Transportation Building, and written comments are due to the OCABR no later than Tuesday, July 21, 2015. Read the full notice.

The OCABR public comment opportunity seeks to implement Governor Baker’s directive in Executive Order 562 (March 31, 2015) requiring state agencies to undertake a comprehensive review of all existing rules and  eliminate or modify those provisions that are excessively burdensome, confusing or redundant. Following receipt of public input, OCABR will initiate a formal rulemaking process intended to enact updated rules by the first quarter of 2016.


If you have any questions about the upcoming comment process regarding the 201 CMR 16.00 and 17.00 requirements, please contact Robert J. Munnelly, Jr. , or a member of our Regulatory and Administrative Law Practice.

Return to Resources