Prior to sending notification to consumers, PIPA states that a business must notify the OAG.
Toll-free numbers, addresses, and websites for the Federal Trade Commission (FTC) and the Maryland Office of the Attorney General (OAG)Ī statement that the individual can obtain information from these sources about steps to avoid identity theft Toll-free numbers and addresses for each of the three credit reporting agencies: Equifax, Experian, and TransUnion Notice to Consumer Must Include:ĭescription of the information compromisedĬontact information for the business, including a toll-free number if the business has one The law also contains a provision for substitute notice, allowing a business to provide notice of a security breach by email, posting on its website, and notice to statewide media if the cost of notice would exceed $100,000 or the number of consumers to be notified exceeds 175,000 individuals. Notice may be sent via email if an individual has already consented to receive electronic notices or the business primarily conducts its business via the Internet. Notice to the affected consumer must be given in writing and sent to the most recent address of the individual, or by telephone to the most recent phone number. A business may delay notification if requested by a law enforcement agency or to determine the scope of the breach, identify all the affected individuals, or restore the integrity of the system.
The event of a security breach, notice must be given to consumers with 45 days. If the investigation shows that there is a reasonable chance that the data will be misused, that business must notify the affected consumers. Once a security breach is detected, a business must conduct in good-faith a reasonable and prompt investigation to determine whether the information that has been compromised has been or is likely to be misused, i.e., for identity theft. If a business experiences a security breach where personal information that, combined, may pose a threat to a consumer if misused, that business must notify any affected consumers residing in Maryland.
#Drivers license number meaning maryland password
User name or email address in combination with a password or security question and answer that permits access to an individual's email account.īreach" is defined as the unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information. Health information, including information about an individual's mental health Ī health insurance policy or certificate number or health insurance subscriber identification number, in combination with a unique identifier used by an insurer or an employer that is self-insured, that permits access to an individual's health information orīiometric data of an individual generated by automatic measurements of an individual's biological characteristics such as a fingerprint, voice print, genetic print, retina or iris image, or other unique biological characteristic, that can be used to uniquely authenticate the individual's identity when the individual accesses a system or account PIPA defines “ personal information" as:Īn individual's first and last name in combination with:Ī Social Security number, an Individual Taxpayer Identification number, a passport number, or other identification number issued by the federal government Ī driver's license number or state identification card number Īn account number, a credit card number, or a debit card number, in combination with any required security code, access code, or password, that permits access to an individual's financial account PIPA contains provisions for notification of consumers in the event of a data security breach and for reasonable security measures to protect consumers' personal identifying information. Law 14-3504, was enacted to make sure that Maryland consumers' personal identifying information is reasonably protected, and if it is compromised, they are notified so that they can take steps to protect themselves. The Personal Information Protection Act (PIPA), Md.Ĭode Ann. Guidelines for Businesses to Comply with the Maryland Personal Information Protection Act What is the Personal Information Protection Act?Īs the crime of identity theft has grown, lawmakers have worked to protect consumers' personal information from identity thieves.
0 kommentar(er)
