|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Ch. 532
|
|
|
|
|
|
2007 Laws of Maryland
|
|
|
|
|
|
|
|
|
|
|
|
|
|
under certain circumstances; requiring a certain business that owns or licenses
certain personal information of an individual residing in the State to implement
and maintain certain security procedures and practices under certain
circumstances; requiring certain businesses that own, license, or maintain
computerized data that includes certain personal information of an individual
residing in the State to conduct a certain investigation and conduct a certain
investigation and notify certain persons of a breach of the security of a system
under certain circumstances; specifying the time at which notification must be
given; specifying the contents of the notification; authorizing notification to be
given in a certain manner; requiring certain businesses to retain certain records
for a certain period of time under certain circumstances; providing that a waiver
of certain provisions of this Act is contrary to public policy and is void and
unenforceable; providing that compliance with certain provisions of this Act
does not relieve a certain business from a duty to comply with certain other
requirements of federal law; providing that the provisions of this Act are
exclusive and shall preempt any provision of local law; requiring a business to
report to certain consumer reporting agencies on the breach of the security of a
system under certain circumstances; requiring a business to provide notice of a
breach of the security of a system to the Office of the Attorney General prior to
giving a certain notification: providing that certain businesses and affiliates
shall be deemed to be in compliance with the requirements of this Act under
certain circumstances; providing that a violation of this Act is an unfair or
deceptive trade practice within the meaning of the Maryland Consumer
Protection Act and is subject to certain enforcement and penalty provisions;
defining certain terms; providing for a delayed effective date; and generally
relating to the protection of personal information contained in the records of
businesses, owned or licensed by businesses, or included in computerized data
owned, licensed, or maintained by businesses.
BY adding to
Article - Commercial Law
Section 14-3501 through 14-3508 to be under the new subtitle "Subtitle 35.
Maryland Personal Information Protection Act"
Annotated Code of Maryland
(2005 Replacement Volume and 2006 Supplement)
SECTION 1. BE IT ENACTED BY THE GENERAL ASSEMBLY OF
MARYLAND, That the Laws of Maryland read as follows:
Article - Commercial Law
SUBTITLE 35. MARYLAND PERSONAL INFORMATION PROTECTION ACT.
14-3501.
|
|
|
|
|
|
|
|
|
|
- 3464 -
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 |
