Recent amendments to the Massachusetts breach notification law provide greater protections to consumers in the commonwealth as well as additional obligations for the regulated community. Businesses now must both be more forthcoming about data breaches and take further steps to protect consumers. In strengthening its existent law, Massachusetts joins other states, including Arizona, Colorado and Oregon, that have toughened their data breach notification statutes in the not-too-distant past. With insight from Ropes & Gray partner Mark Szpak, the Cybersecurity Law Report examines what the revisions mean for the regulated community. See “Analyzing New and Amended State Breach Notification Laws” (Jun. 6, 2018).