On March 10, 2010, Massachusetts' new data safety legislation will take effect. This law, known as 201CMR17, requires all organizations who manage data to have a pro-active plan for preventing identity theft and other problems due to insecure systems and practices.

Long time advocate for simple, everyday security consciousness, Adam Frost, has provided a good beginning point for planning at http://www.201cmr17.com/. His company, Computer Care and Learning, provides consulting support in creating compliance plans.