Massachusetts amended its data breach notification law to require the sharing of certain information with state regulators by an unspecified deadline when a breach occurs. However, don’t let the unspecified time frame fool you, lawyers warned. Companies are now under a heightened pressure to notify regulators of breaches as soon as possible—with room to issue a revised notice later.

The measure set to go into effect by April 11 includes new language extending free credit monitoring and other rights to residents whose information was breached. Breached entities are also required to share more information in breach notification letters to the Massachusetts attorney general and director of consumer affairs and business regulation.