The Maryland State Senate is considering several cybersecurity-related bills to advance the state’s efforts to be the epicenter for cybersecurity. Maryland has already enacted several measures to foster cybersecurity companies and their technologies. State Senator Catherine E. Pugh and the Commission on Maryland Cybersecurity Innovation and Excellence have introduced four bills in the current legislative session aimed at protecting Maryland citizens from cyber intrusion and/or data breaches. This alert provides a brief summary of the proposed legislation.

SB 859 Maryland Personal Information Protection Act – Revisions

SB 859 amends the duties imposed on private businesses under Maryland’s Personal Information Protection Act (PIPA) regarding keeping, securing, and destroying records that contain personal information of customers and response and notification in the event of a data breach. SB 859 increases the duties for private businesses by expanding the definition of customer personal information. The bill redefines “personal information” to include any information relating to an individual that can identify that individual, regardless of whether the information is encrypted.

SB 859 also adopts a new category of “private information” for which duties are imposed which includes social security numbers, driver’s license or state identification card numbers, passport numbers, or other federally issued identification numbers and financial account numbers. The bill also defines fairly specific written data security procedures and practices that businesses must require from third-party contractors who handle personal information. If passed, SB 859 will impose new and expanded duties on nearly any business that keeps data regarding individual customers. SB 859 has been referred to the Senate Rules committee, but no hearing has been scheduled yet. SB 859 was cross-filed with HB 960, which is scheduled for a hearing in the House Economic Matters committee on February 20th.

Please see full alert below for more information.