Can I prioritize privacy compliance to gain a competitive advantage, reduce the possibility of regulatory issues, and help secure valuable partnerships in Maryland? What are the requirements?

Prioritizing Privacy Compliance in Maryland

Yes, prioritizing privacy compliance can provide a competitive advantage, reduce the possibility of regulatory issues, and help secure valuable partnerships in Maryland.

To comply with Maryland privacy laws, licensees must provide clear and conspicuous initial and revised privacy notices that accurately reflect their privacy policies and practices for nonpublic financial information to customers and consumers ^[1.4][1.7]. The initial notice must be provided not later than when the licensee establishes a customer relationship, except as provided in §E of Regulation .05 ^[1.4]. The revised notice must be provided before the licensee discloses a new category of nonpublic personal financial information to any nonaffiliated third party, nonpublic personal financial information to a new category of nonaffiliated third party, or nonpublic personal financial information about a former customer to a nonaffiliated third party, if that former customer has not had the opportunity to exercise an opt-out right regarding that disclosure ^[1.3].

The privacy notices must include the categories of nonpublic personal financial information that the licensee collects and discloses, the categories of affiliates and nonaffiliated third parties to whom the licensee discloses nonpublic personal financial information, the licensee’s policies and practices with respect to protecting the confidentiality and security of nonpublic personal financial information, and an explanation of the consumer’s right to opt-out of the disclosure of nonpublic personal financial information to nonaffiliated third parties ^[1.7].

Licensees must also provide a reasonable opportunity for consumers to opt-out of the disclosure of nonpublic personal financial information to nonaffiliated third parties ^[1.3].

Delivery of Privacy Notices for Financial Information must be done in a manner that each consumer can reasonably be expected to receive actual notice in writing or, if the consumer agrees, electronically ^[1.2].

Licensees are not subject to the notice and opt-out requirements for nonpublic personal financial information if they are an employee, agent, or other representative of another licensee, the other licensee otherwise complies with, and provides the notices required by, the provisions of this chapter, and the licensee does not disclose any nonpublic personal information to any person other than the other licensee or its affiliates in a manner permitted by this chapter ^[1.5].

A licensee shall provide a clear and conspicuous notice to customers that accurately reflects its privacy policies and practices for nonpublic financial information at least once in each annual notice period during the continuation of the customer relationship ^[1.6].

Other exceptions to notice and opt-out requirements for disclosure of nonpublic personal financial information include, but are not limited to, disclosures made with the consent or at the direction of the consumer, disclosures to protect the confidentiality or security of a licensee’s records pertaining to the consumer, disclosures to protect against or prevent actual or potential fraud or unauthorized transactions, and disclosures to persons holding a legal or beneficial interest relating to the consumer ^[1.8].

Failure to comply with Maryland privacy laws may result in regulatory issues and penalties ^[1.1].

Therefore, prioritizing privacy compliance can help licensees avoid regulatory issues, build trust with customers and consumers, and secure valuable partnerships.

Requirements for Privacy Compliance in Maryland

• Provide clear and conspicuous initial and revised privacy notices that accurately reflect privacy policies and practices for nonpublic financial information to customers and consumers ^{[1.4][1.7][1.3]}.
• Include the categories of nonpublic personal financial information that the licensee collects and discloses, the categories of affiliates and nonaffiliated third parties to whom the licensee discloses nonpublic personal financial information, the licensee’s policies and practices with respect to protecting the confidentiality and security of nonpublic personal financial information, and an explanation of the consumer’s right to opt-out of the disclosure of nonpublic personal financial information to nonaffiliated third parties in the privacy notices ^[1.7].
• Provide a reasonable opportunity for consumers to opt-out of the disclosure of nonpublic personal financial information to nonaffiliated third parties ^[1.3].
• Deliver privacy notices for financial information in a manner that each consumer can reasonably be expected to receive actual notice in writing or, if the consumer agrees, electronically ^[1.2].
• Licensees are not subject to the notice and opt-out requirements for nonpublic personal financial information if they are an employee, agent, or other representative of another licensee, the other licensee otherwise complies with, and provides the notices required by, the provisions of this chapter, and the licensee does not disclose any nonpublic personal information to any person other than the other licensee or its affiliates in a manner permitted by this chapter ^[1.5].
• Provide a clear and conspicuous notice to customers that accurately reflects its privacy policies and practices for nonpublic financial information at least once in each annual notice period during the continuation of the customer relationship ^[1.6].
• Failure to comply with Maryland privacy laws may result in regulatory issues and penalties ^[1.1].
• Other exceptions to notice and opt-out requirements for disclosure of nonpublic personal financial information include, but are not limited to, disclosures made with the consent or at the direction of the consumer, disclosures to protect the confidentiality or security of a licensee’s records pertaining to the consumer, disclosures to protect against or prevent actual or potential fraud or unauthorized transactions, and disclosures to persons holding a legal or beneficial interest relating to the consumer ^[1.8].

Source(s):

• [1.1] Relationship to Maryland Laws.
• [1.2] Delivery of Privacy Notices for Financial Information.
• [1.3] Revised Privacy Notices for Financial Information.
• [1.4] Initial Privacy Notice for Financial Information to Consumers Required.
• [1.5] Exemption from Notice and Opt Out Requirements for Nonpublic Personal Financial Information.
• [1.6] Annual Privacy Notice for Financial Information to Customers Required.
• [1.7] Information To Be Included in Privacy Notices for Financial Information.
• [1.8] Other Exceptions to Notice and Opt Out Requirements for Disclosure of Nonpublic Personal Financial Information.

Jurisdiction

Maryland

• Privacy