§ 10-1304. Security measures

Latest version.

   (a) In general. -- To protect personal information from unauthorized access, use, modification, or disclosure, a unit that collects personal information of an individual shall implement and maintain reasonable security procedures and practices that are appropriate to the nature of the personal information collected and the nature of the unit and its operations.

(b) Requirements for third-party service providers. --

   (1) This subsection shall apply to a written contract or agreement that is entered into on or after July 1, 2014.

   (2) A unit that uses a nonaffiliated third party as a service provider to perform services for the unit and discloses personal information about an individual under a written contract or agreement with the third party shall require by written contract or agreement that the third party implement and maintain reasonable security procedures and practices that:

      (i) are appropriate to the nature of the personal information disclosed to the nonaffiliated third party; and

      (ii) are reasonably designed to help protect the personal information from unauthorized access, use, modification, disclosure, or destruction.

HISTORY: 2013, ch. 304.

                    
                        var val = document.getElementById('citecontent').innerHTML;
                        art.dialog.defaults.title = window.location.href;
                        art.dialog.data('cite', val);
                        art.dialog.data('homeDemoPath', '/Scripts/plus/artDialog/');
                        art.dialog.open('/Scripts/plus/artDialog/citeiframe.html');