Bill number does not exist. Enter a vaild keyword.

Statutes Text

Article - Commercial Law




§14–3501.

    (a)    In this subtitle the following words have the meanings indicated.

    (b)    (1)    “Business” means a sole proprietorship, partnership, corporation, association, or any other business entity, whether or not organized to operate at a profit.

        (2)    “Business” includes a financial institution organized, chartered, licensed, or otherwise authorized under the laws of this State, any other state, the United States, or any other country, and the parent or subsidiary of a financial institution.

    (c)    “Encrypted” means the protection of data in electronic or optical form using an encryption technology that renders the data indecipherable without an associated cryptographic key necessary to enable decryption of the data.

    (d)    “Health information” means any information regarding an individual’s medical history, medical condition, or medical treatment or diagnosis.

    (e)    (1)    “Personal information” means:

            (i)    An individual’s first name or first initial and last name in combination with any one or more of the following data elements, when the data elements are not encrypted, redacted, or otherwise protected by another method that renders the information unreadable or unusable:

                1.    A Social Security number, an Individual Taxpayer Identification Number, a passport number, or other identification number issued by the federal government;

                2.    A driver’s license number or State identification card number;

                3.    An account number, a credit card number, or a debit card number, in combination with any required security code, access code, or password, that permits access to an individual’s financial account;

                4.    Health information, including information about an individual’s mental health;

                5.    A health insurance policy or certificate number or health insurance subscriber identification number, in combination with a unique identifier used by an insurer or an employer that is self–insured, that permits access to an individual’s health information;

                6.    Biometric data of an individual generated by automatic measurements of an individual’s biological characteristics such as a fingerprint, voice print, genetic print, retina or iris image, or other unique biological characteristic, that can be used to uniquely authenticate the individual’s identity when the individual accesses a system or account; or

                7.    For purposes of the notifications required under § 14–3504(b)(2), (c), (d), (e), (f), and (g) of this subtitle, genetic information with respect to an individual;

            (ii)    A user name or e–mail address in combination with a password or security question and answer that permits access to an individual’s e–mail account; or

            (iii)    For the purposes of the requirements of this title other than the notifications required under § 14–3504(b)(2), (c), (d), (e), (f), and (g) of this subtitle, genetic information with respect to an individual when the genetic information is not encrypted, redacted, or otherwise protected by another method that renders the information unreadable or unusable, including:

                1.    Data, regardless of its format, that results from the analysis of a biological sample of the individual or from another source that enables equivalent information to be obtained and that concerns genetic material;

                2.    Deoxyribonucleic acids;

                3.    Ribonucleic acids;

                4.    Genes;

                5.    Chromosomes;

                6.    Alleles;

                7.    Genomes;

                8.    Alterations or modifications to deoxyribonucleic acids or ribonucleic acids;

                9.    Single nucleotide polymorphisms;

                10.    Uninterrupted data that results from the analysis of a biological sample from the individual or other sources; and

                11.    Information extrapolated, derived, or inferred from item 1, 2, 3, 4, 5, 6, 7, 8, 9, or 10 of this item.

        (2)    “Personal information” does not include:

            (i)    Publicly available information that is lawfully made available to the general public from federal, State, or local government records;

            (ii)    Information that an individual has consented to have publicly disseminated or listed; or

            (iii)    Information that is disseminated or listed in accordance with the federal Health Insurance Portability and Accountability Act.

    (f)    “Records” means information that is inscribed on a tangible medium or that is stored in an electronic or other medium and is retrievable in perceivable form.



Click to return on the top page