On July 26, 2022, the attorneys general of New Jersey, Pennsylvania, Delaware, Maryland, Virginia, Florida and Washington D.C. announced an $8 million multistate settlement with Wawa Inc. that resolves the states’ investigation into a 2019 data breach that compromised approximately 34 million payment cards used by consumers at Wawa stores and fueling locations.
Continue Reading Wawa Inc. Settles Multi-State AG Breach Investigation for $8 Million
Maryland
Maryland Amends Its Personal Information Protection Act
Posted on
Posted in Information Security, Security Breach
On May 29, 2022, the Maryland legislature enacted House Bill 962, which amends Maryland’s Personal Information Protection Act. …
Continue Reading Maryland Amends Its Personal Information Protection Act
Two States Enact Insurance Data Security Laws
Posted on
In April 2022, Kentucky and Maryland enacted insurance data security legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law MDL-668.
Continue Reading Two States Enact Insurance Data Security Laws
UPDATE: Baltimore Bans Private-Sector Use of Facial Recognition Technology
Posted on
Posted in Information Security, U.S. State Law
On September 8, 2021, Baltimore’s local ordinance regulating private entities’ use of facial recognition technology becomes effective.
Continue Reading UPDATE: Baltimore Bans Private-Sector Use of Facial Recognition Technology
Baltimore Passes Bill Banning Private-Sector Use of Facial Recognition Technology
Posted on
Posted in Information Security, U.S. State Law
On June 14, 2021, the Baltimore City Council passed a bill that would ban the use of facial recognition technology by private entities and individuals within the city limits. If signed into law, Baltimore, Maryland would become the latest U.S. city to enact stringent regulations governing the use of facial recognition technology in the private sector.
…
Continue Reading Baltimore Passes Bill Banning Private-Sector Use of Facial Recognition Technology
Maryland Insurance Administration Announces New Breach Notification Requirements
Posted on
Posted in Security Breach, U.S. State Law
On August 29, 2019, the Maryland Insurance Administration issued new breach notification requirements for entities that provide health insurance or related services. The new requirements will apply to insurers, non-profit health plans, HMOs, third-party administrators, and certain other managed care entities. The new rules will take effect on October 1, 2019.
…
Continue Reading Maryland Insurance Administration Announces New Breach Notification Requirements