May 18, 2024
Volume XIV, Number 139
Home
Legal Analysis. Expertly Written. Quickly Found.
Login

Trending News

Maryland Again Amends its Data Breach Notification Law
Monday, December 9, 2019
data pricvacy in the hands of business professional
Print Mail Download i

In response to trends, heightened public awareness, and a string of large-scale data breaches, states continue to enhance their data breach notification laws. In 2017 Maryland amended its Personal Information Protection Act (PIPA) with expansion of the definition of personal information, modification of the definition of “breach of the security of the system”, establishing a 45-day timeframe for notification and expansion of the class of information subject to Maryland’s data destruction laws. Now, Maryland has again amended PIPA, with HB 1154 in effect from October 1, 2019, notably enhancing the requirements for a business once it becomes aware of a data security breach.

Under PIPA, prior to HB 1154, a business that owns or licenses personal information aware of a data security breach was required to conduct a reasonable, prompt and good faith investigation to determine the likelihood that personal information had been or will be misused as a result of the breach. The new amendment expands covered businesses to include all businesses that own, license or maintain the personal information of Maryland residents.

That said, if a business that maintains the personal information incurs a breach, it is still the obligation of the business that owns or licenses that information to notify effected residents of the breach. Moreover, if the business that incurs the breach is not the owner or licensee of the personal information, the business may not charge the owner or licensee a fee for providing information that the owner or licensee needs to make a notification.

In addition, a business that owns or licenses personal information cannot use information related to the breach for any purpose other than for:

  • Providing notification of the breach;

  • Protecting or securing personal information; or

  • Providing notification to national information security organizations created for information sharing and analysis of security threats, to alert and avert new or expanded breaches.

New trends likely will continue to prompt amendments to state data breach notifications laws. Businesses should develop their incident response plans with flexibility as a key component to ensure compliance with the most current breach notification requirements.

Jackson Lewis P.C. © 2024

Current Legal Analysis

More from Jackson Lewis P.C.

Utah Updates to Breach Notification Requirements Take Effect
by: Dorothy Parson McDermott
State Department Announces New J-1 Visa Japanese Specialist Program
by: Immigration Team at Jackson Lewis
The New Minimum Salary Requirements for Exempt Executive, Administrative and Professional Employees—Your Questions Answered [Podcast]
by: Justin R. Barnes , Jeffrey W. Brecher
EEOC Enforcement Guidance on Workplace Harassment: Impact on a Term, Condition, or Privilege of Employment
by: Stephanie L. Adler-Paindiris , Stephanie E. Satterfield
Disputing What ‘Dispute’ Means: Courts Debate When Ending Forced Arbitration Act Applies
by: Scott P. Jang , Samia M. Kirmani
DOL’s Controversial Retirement Security Rule Faces Immediate Legal Challenge
by: Robert R. Perry
California Supreme Court Upholds Good Faith Belief Defense for Certain Wage Statement Penalties
by: Leonora M. Schloss
EEOC Enforcement Guidance on Workplace Harassment: Covered Bases and Causation
by: Stephanie L. Adler-Paindiris , Stephanie E. Satterfield
California District Court Dismisses Conclusory ERISA “Fee” Complaint Unsupported by Facts
by: Alex E. Hotard , Phillip C. Thompson
The Importance of Whistleblower Protection and Wellbeing in the Age of Mental Health Awareness
by: James D. McGuire

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins

 

Logo-white

Legal Disclaimer

You are responsible for reading, understanding and agreeing to the National Law Review's (NLR’s) and the National Law Forum LLC's  Terms of Use and Privacy Policy before using the National Law Review website. The National Law Review is a free to use, no-log in database of legal and business articles. The content and links on www.NatLawReview.com are intended for general information purposes only. Any legal analysis, legislative updates or other content and links should not be construed as legal or professional advice or a substitute for such advice. No attorney-client or confidential relationship is formed by the transmission of information between you and the National Law Review website or any of the law firms, attorneys or other professionals or organizations who include content on the National Law Review website. If you require legal or professional advice, kindly contact an attorney or other suitable professional advisor.  

Some states have laws and ethical rules regarding solicitation and advertisement practices by attorneys and/or other professionals. The National Law Review is not a law firm nor is www.NatLawReview.com  intended to be  a referral service for attorneys and/or other professionals. The NLR does not wish, nor does it intend, to solicit the business of anyone or to refer anyone to an attorney or other professional.  NLR does not answer legal questions nor will we refer you to an attorney or other professional if you request such information from us. 

Under certain state laws the following statements may be required on this website and we have included them in order to be in full compliance with these rules. The choice of a lawyer or other professional is an important decision and should not be based solely upon advertisements. Attorney Advertising Notice: Prior results do not guarantee a similar outcome. Statement in compliance with Texas Rules of Professional Conduct. Unless otherwise noted, attorneys are not certified by the Texas Board of Legal Specialization, nor can NLR attest to the accuracy of any notation of Legal Specialization or other Professional Credentials.

The National Law Review - National Law Forum LLC 2020 Green Bay Rd., Suite 178, Highland Park, IL 60035  Telephone  (708) 357-3317 or toll free (877) 357-3317.  If you would ike to contact us via email please click here.

Copyright ©2024 National Law Forum, LLC