Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Maryland amends security breach notification requirements

State Issues State Legislation Privacy/Cyber Risk & Data Security Data Breach

State Issues

On April 30, the Maryland governor signed HB 1154 to amend current law related to security breach notification requirements. Among other provisions, HB 1154 (i) requires businesses that own, license, or maintain computerized data that includes a resident’s personal information to conduct a reasonable, prompt investigation in the event of a security breach to determine whether the personal information has been, or is at risk of, being misused due to the breach; (ii) requires business to provide notice to the affected individuals; (iii) stipulates that businesses may not charge fees when providing necessary information to an owner or licensee who is required to provide notice to affected individuals; and (iv) provides restrictions concerning the use of the computerized data relative to the security breach. The amendments take effect October 1.