The Commonwealth of Massachusetts has enacted a law to protect personal information and data. This law went into effect on March 1, 2010.
The law applies to any record, whether electronic or paper, containing personal information about an individual. It requires the College to establish, maintain, and monitor a comprehensive, written security program that meets specific Commonwealth standards. The law defines “personal information or data” as:
A mobile device such as a smart phone or tablet that connects to the Amherst College email servers and other institutional data servers can be a substantial security risk for the College. To reduce the risk, the College has adopted the following policies.