Unannotated Code of Maryland (Last Updated: May 16, 2014) |
COMMERCIAL LAW |
TITLE 14. MISCELLANEOUS CONSUMER PROTECTION PROVISIONS |
SUBTITLE 35. MARYLAND PERSONAL INFORMATION PROTECTION ACT. |
§ 14-3507. Compliance with subtitle
Latest version.
-
(a) "Affiliate" defined. -- In this section, "affiliate" means a company that controls, is controlled by, or is under common control with a business described in subsection (c)(1) of this section.
(b) Requirements of federal or State regulator. -- A business that complies with the requirements for notification procedures, the protection or security of personal information, or the destruction of personal information under the rules, regulations, procedures, or guidelines established by the primary or functional federal or State regulator of the business shall be deemed to be in compliance with this subtitle.
(c) Compliance with other federal laws. --
(1) A business that is subject to and in compliance with § 501(b) of the federal Gramm-Leach-Bliley Act, 15 U.S.C. § 6801, § 216 of the federal Fair and Accurate Credit Transactions Act, 15 U.S.C. § 1681w, the federal Interagency Guidelines Establishing Information Security Standards, and the federal Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice, and any revisions, additions, or substitutions, shall be deemed to be in compliance with this subtitle.
(2) An affiliate that complies with § 501(b) of the federal Gramm-Leach-Bliley Act, 15 U.S.C. § 6801, § 216 of the federal Fair and Accurate Credit Transactions Act, 15 U.S.C. § 1681w, the federal Interagency Guidelines Establishing Information Security Standards, and the federal Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice, and any revisions, additions, or substitutions, shall be deemed to be in compliance with this subtitle.