There is a newer version of this Section
2023
2022
2021
2020
2019
Other previous versions
View our newest version here

2017 Maryland Code
Commercial Law
Title 14 - Miscellaneous Consumer Protection Provisions
Subtitle 35 - Maryland Personal Information Protection Act.
§ 14-3503. Security procedures

Universal Citation: MD Comm L Code § 14-3503 (2017)
Previous Next
  • (a) In general. -- To protect personal information from unauthorized access, use, modification, or disclosure, a business that owns or licenses personal information of an individual residing in the State shall implement and maintain reasonable security procedures and practices that are appropriate to the nature of the personal information owned or licensed and the nature and size of the business and its operations.
  • (b) Third party service provider. --
    • (1) A business that uses a nonaffiliated third party as a service provider to perform services for the business and discloses personal information about an individual residing in the State under a written contract with the third party shall require by contract that the third party implement and maintain reasonable security procedures and practices that:
      • (i) Are appropriate to the nature of the personal information disclosed to the nonaffiliated third party; and
      • (ii) Are reasonably designed to help protect the personal information from unauthorized access, use, modification, disclosure, or destruction.
    • (2) This subsection shall apply to a written contract that is entered into on or after January 1, 2009.
Previous Next
Disclaimer: These codes may not be the most recent version. Maryland may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.