Protection for Publicly Available Information in the Courts

The Justices of the Supreme Judicial Court recently approved Interim Guidelines designed to protect against identity theft by having court filers omit or delete certain personal identifying information, such as social security numbers, in criminal and civil court documents. The Guidelines for the Protection of Personal Identifying Data (PID) in Publicly Accessible Court Documents  are non-binding and took effect on September 1, 2009.

The Interim Guidelines and a summary fact sheet  are available below and in court clerks' offices statewide.  

Interim Guidelines for the Protection of Personal Identifying Data in Publicly Accessible Court Documents pdf format of Guidelines - Protection of Personal Identifying Data   
Summary of Interim Guidelines pdf format of INterim Guidelines Summary-Protection of Personal Data  

Protection for Non-Public Information in the Courts

The Supreme Judicial Court has issued an Order regarding safeguarding certain non-public personal information collected and maintained in the Judicial Branch. The order, issued under G.L.c. 93H, governs the security and confidentiality of personal information as defined in that statute. The personal information covered by the Order does not include publicly available information.

The Order requires the Trial Court, the Appellate Courts and court affiliates to develop, implement and maintain written information security programs applicable to records containing personal information. The security programs are to ensure that courts collect the minimum personal information needed to accomplish the purpose for which the information is collected; securely protect the information from unauthorized access and disclosure; provide access to the information only as necessary; and destroy the information when it is no longer needed. The security programs will require notification to the appropriate Chief Justice of any breach of security of personal information.  

Additionally, the Order requires courts to review the type of personal information collected with the goal of identifying any that need not be collected or maintained. Contractors will be required to comply with the provisions of all information security programs that apply to the work they will be performing.

Order Regarding Protection of Personal Information pdf format of SJC Order re: Protection of Personal Information

Written Information Security Program  for Non-Public Documents ("WISP")
This Written Information Security Program ("WISP") sets forth standards for the protection of personal information in non-public documents held by the Massachusetts  courts. This WISP implements the provisions of the Supreme Judicial Court Order Re:  Protection of Personal Information in the Judicial Branch dated January 7, 2010, which was issued pursuant to G. L. c. 93H, §2(c). The WISP sets forth the standards applicable to the Supreme Judicial Court, the Appeals Court and all departments of the Trial Court ("Courts") for collecting, storing, using, transmitting, and protecting electronic and physical records containing personal information.

Written Information Security Program for Non-Public Documents and Summary of the Practical Impact of the Written Information Security Program for Non-Public Documents pdf format of Summary - Impact of Written Information Security Prgm