Identity Theft Prevention

The Alumnae Association has adopted an information security policy in compliance with Massachusetts regulation 201 CMR 17.00. Many states have adopted similar legislation for the prevention of identity theft due to misuse of “personal information.” This regulation, or regulations in your state, may have an impact on your class or club.

What the regulation means

The Massachusetts regulation requires the protection of “personal information,” defined as “a Massachusetts resident’s first name and last name or first initial and last name in combination with any one or more of the following data elements that relate to such resident: (a) Social Security number; (b) driver’s license number or state-issued identification card number; or (c) financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to a resident’s financial account.”

Who is affected

Practical suggestions for volunteers are outlined on page 8 of the Association’s policy (link below). Regulation 201 CMR 17.00 directly applies to Massachusetts residents only. However, it is likely that the majority of, if not all, classes and clubs are affected when a Massachusetts resident attends an event in any state, makes a donation, or is otherwise involved in a financial transaction. The Association recommends that you investigate state-specific legislation and adopt an information security policy.


Practical suggestions for volunteers are outlined on page 8 of the Alumnae Association Policy. It is important that financial and credit-card information be kept confidential and that only volunteers who have a need to know are permitted access to personal information (i.e. bank account and credit-card numbers, expiration dates, card-holder’s name, etc.).