Section 10-1307 – Requirements for Notice to 1,000 or More Individuals
(a) If a unit is required under § 10–1305 of this subtitle to give notice of a breach of the security of a system to 1,000 or more individuals, the unit also shall notify, without unreasonable delay, each consumer reporting agency that compiles and maintains files on consumers on a nationwide basis, as defined by 15 […]
Section 10-1504 – Duties of Council
(a) The Council shall promote the policy established under § 10–1502 of this subtitle by: (1) providing guidance and policy recommendations and when appropriate recommend legislation and regulations for: (i) procedures, standards, and other deliverables for open data, including for open data portals; (ii) promotion, advertising, and marketing of open data; and (iii) best practices for sharing open data while […]
Section 10-1308 – Compliance With Federal Privacy Law Provisions Deemed Compliant With Subtitle
A unit or nonaffiliated third party that complies with § 501(b) of the federal Gramm–Leach–Bliley Act; 15 U.S.C. § 6801, § 216 of the federal Fair and Accurate Credit Transactions Act; 15 U.S.C. § 1681w Disposal of Records; the federal Interagency Guidelines Establishing Information Security Standards; and the federal Interagency Guidance on Response Programs for […]
Section 10-1601 – Definitions
(a) In this subtitle the following words have the meanings indicated. (b) “Electronic” means relating to technology having electrical, digital, magnetic, wireless, optical, electromagnetic, or similar capabilities. (c) “Legal material” means, whether or not in effect, the following: (1) the Maryland Constitution; (2) the Session Laws; (3) the Code of Maryland; (4) the Maryland Rules; (5) the Journal of the Senate of Maryland; […]
Section 10-13A-01 – Definitions
** TAKES EFFECT OCTOBER 1, 2024 PER CHAPTER 429 OF 2020 ** (a) In this subtitle the following words have the meanings indicated. (b) (1) “Breach of the security of a system” means the unauthorized acquisition of personally identifiable information maintained by a public institution of higher education that creates a reasonable risk of harm to the individual […]
Section 10-1602 – Applicability of Subtitle
This subtitle applies to all legal material in an electronic record that is: (1) designated as official under § 10–1603 of this subtitle; and (2) first published electronically on or after October 1, 2017.
Section 10-13A-02 – Inapplicable to Certain Personally Identifiable Information — Compliance With Laws
** TAKES EFFECT OCTOBER 1, 2024 PER CHAPTER 429 OF 2020 ** (a) This subtitle does not apply to personally identifiable information that: (1) is publicly available information that is lawfully made available to the general public from federal, State, or local government records; (2) an individual has consented to have publicly disseminated or listed; (3) except for a […]
Section 10-13A-03 – Review and Designation as Systems of Record — Privacy Governance Program — Information Security and Risk Management Program — Privacy Notices
** TAKES EFFECT OCTOBER 1, 2024 PER CHAPTER 429 OF 2020 ** (a) Each public institution of higher education shall review and designate systems within the public institution of higher education as systems of record based on the following criteria: (1) the risk posed to individuals by the personally identifiable information processed and stored on the systems; […]
Section 10-13A-04 – Investigation of Breaches of Security — Duties Upon Finding of Occurrence
** TAKES EFFECT OCTOBER 1, 2024 PER CHAPTER 429 OF 2020 ** (a) If a public institution of higher education collects personally identifiable information of an individual and discovers or is notified of a breach of the security of a system, the public institution of higher education shall conduct in good faith a reasonable and prompt […]
Section 10-1106 – Central Coordination and Technical Assistance; Minimum Standards
(a) The Department of Human Services, in consultation with the Office of the Attorney General and the Department of Information Technology, shall provide central coordination and technical assistance to State departments, agencies, and programs to aid compliance with this subtitle. (b) (1) The Department of Information Technology shall establish minimum standards to which the equal access versions of […]