As introduced: - Requires government employees to complete general cybersecurity awareness training. Establishes the cybersecurity control board to adopt a state cybersecurity code. Establishes a Massachusetts Cyber Incident Response Team. - Requires a covered entity that owns critical infrastructure to provide notice when such covered entity knows or has reason to know of a cybersecurity incident has occurred. - Creates a board to make recommendations on policies for the use of automated decision systems by government units. - Creates the Massachusetts innovation fund to make awards of financial assistance to state agencies for qualifying information technology modernization projects. - Adds cyberattacks to provisions relating to civil defense. - Adds biometric information, genetic information, health insurance information, medical information, and specific geolocation information to the definition of "personal information" in security breach provisions. Requires certain breaches to be reported to the FBI. Requires a person who experienced a breach of security to certify credit monitoring services, except in certain circumstances. - Prohibits equipping a robotic device with a weapon. - Prohibits an insurance contract from delaying the ability of a party to report a cybersecurity incident. - Creates the Cybersecurity Alliances and Partnerships Program Fund.
| Last Action | Jan 1, 1970 |
| Year | 2025 |
| Bill Type | Bill |
| Created | Jan 16, 2025 |
| Updated | Jan 16, 2025 |