Maryland Amends Data Breach Law

Hunton Andrews Kurth writes:

Maryland Governor Larry Hogan recently signed into law House Bill 1154 (the “Bill”), which amends the state’s data breach notification law. Among other obligations, the amendments expand the required actions a business must take after becoming aware of a data security breach.

Under the existing data breach notification law, a business that owns or licenses personal information and becomes aware of a data security breach must conduct a reasonable, prompt and good faith investigation to determine the likelihood that personal information has been or will be misused as a result of the breach. The Bill expands this investigatory requirement to apply expressly to all businesses that own, license or maintain the personal information of Maryland residents.

British institutions to be banned from paying ransoms to Russian hackers
Missouri Adopts New Data Breach Notice Law
Texas Enacts Electronic Health Record Data Localization Law
German court offers EUR 5000 compensation for data breaches caused by Meta
HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
SEC and SolarWinds Seek Settlement in Securities Fraud Case

Related: