Md. Code Ann., Com. Law § 14-3502
Protection of customer's personal information
Effective Jan 1, 2018Added by Acts 2007, c. 531, § 1, eff. Jan. 1, 2008; Acts 2007, c. 532, § 1, eff. Jan. 1, 2008. Amended by Acts 2017, c. 518, § 1, eff. Jan. 1, 2018.State of Maryland
- (a) In this section, “customer” means an individual residing in the State who provides personal information to a business for the purpose of purchasing or leasing a product or obtaining a service from the business.
(b) When a business is destroying a customer's, an employee's, or a former employee's records that contain personal information of the customer, employee, or former employee, the business shall take reasonable steps to protect against unauthorized access to or use of the personal information, taking into account:
- (1) The sensitivity of the records;
- (2) The nature and size of the business and its operations;
- (3) The costs and benefits of different destruction methods; and
- (4) Available technology.
Added by Acts 2007, c. 531, § 1, eff. Jan. 1, 2008; Acts 2007, c. 532, § 1, eff. Jan. 1, 2008. Amended by Acts 2017, c. 518, § 1, eff. Jan. 1, 2018.