Requiring a business that maintains personal information of an individual residing in the State to implement and maintain reasonable security procedures and practices that are appropriate to the nature of the personal information owned, maintained, or licensed; and altering certain requirements related to notifications of breaches of the security of systems, including the circumstances under which the owner or licensee of certain computerized data is required to notify certain individuals of a breach.

Statutes affected:
Text - First - Commercial Law - Maryland Personal Information Protection Act - Revisions: 14-3501 Commercial Law, 14-3503 Commercial Law, 14-3504 Commercial Law
Text - Third - Commercial Law - Maryland Personal Information Protection Act - Revisions: 14-3501 Commercial Law, 14-3503 Commercial Law, 14-3504 Commercial Law