|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Ch. 531
|
|
|
|
|
2007 Laws of Maryland
|
|
|
|
|
|
|
|
|
|
|
(III) A FINANCIAL ACCOUNT NUMBER, INCLUDING A CREDIT
CARD NUMBER OR DEBIT CARD NUMBER, THAT IN COMBINATION WITH ANY
REQUIRED SECURITY CODE, ACCESS CODE, OR PASSWORD, WOULD PERMIT
ACCESS TO AN INDIVIDUAL'S FINANCIAL ACCOUNT; OR
(IV) AN INDIVIDUAL TAXPAYER IDENTIFICATION NUMBER;
OR
(IV) A CONSUMER REPORT, AS DEFINED IN § 14-1201 OF
THIS TITLE.
(2) "PERSONAL INFORMATION" DOES NOT INCLUDE:
(I) PUBLICLY AVAILABLE INFORMATION THAT IS
LAWFULLY MADE AVAILABLE TO THE GENERAL PUBLIC FROM FEDERAL, STATE,
OR LOCAL GOVERNMENT RECORDS;
(II) INFORMATION THAT AN INDIVIDUAL HAS CONSENTED
TO HAVE PUBLICLY DISSEMINATED OR LISTED; OR
(III) INFORMATION THAT IS DISSEMINATED OR LISTED IN
ACCORDANCE WITH THE FEDERAL HEALTH INSURANCE PORTABILITY AND
ACCOUNTABILITY ACT.
(D)(E) "RECORDS" MEANS INFORMATION THAT IS INSCRIBED ON A
TANGIBLE MEDIUM OR THAT IS STORED IN AN ELECTRONIC OR OTHER MEDIUM
AND IS RETRIEVABLE IN PERCEIVABLE FORM.
14-3502.
(A) IN THIS SECTION, "CUSTOMER" MEANS AN INDIVIDUAL RESIDING IN
THE STATE WHO PROVIDES PERSONAL INFORMATION TO A BUSINESS FOR THE
PURPOSE OF PURCHASING OR LEASING A PRODUCT OR OBTAINING A SERVICE
FROM THE BUSINESS.
(B) WHEN A BUSINESS IS DESTROYING A CUSTOMER'S RECORDS THAT
CONTAIN PERSONAL INFORMATION OF THE CUSTOMER, THE BUSINESS SHALL
TAKE REASONABLE STEPS TO PROTECT AGAINST UNAUTHORIZED ACCESS TO OR
USE OF THE PERSONAL INFORMATION, TAKING INTO ACCOUNT:
(1) THE SENSITIVITY OF THE RECORDS;
|
|
|
|
|
|
|
|
- 3456 -
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|