Ask Reggi Your Question Now
Can I use third-party social media tools that collect personal information in Maryland? What are the requirements?
Use of Third-Party Social Media Tools in Maryland
Based on the provided context documents, there are several regulations in Maryland that govern the collection and disclosure of personal information. However, it is not clear from the context whether there are specific regulations that address the use of third-party social media tools that collect personal information.
If a third-party social media tool collects personal information from Maryland residents, the tool may be subject to Maryland’s data privacy laws. For example, MDCR 31.16.08.11 limits the disclosure of nonpublic personal financial information to nonaffiliated third parties, unless the licensee has provided an initial notice and opt-out notice to the consumer and the consumer has not opted out [3.3]. Similarly, MDCR 31.16.08.18 requires a valid authorization for the disclosure of nonpublic personal health information [3.1].
Additionally, MDCR 10.25.18.10 outlines the requirements for accessing, using, or disclosing data through an HIE for secondary use. This regulation allows an HIE to disclose identifiable data to a care management organization for purposes related to population care management, provided that the requirements of §A(1)(a) and (b) of this regulation are met, and appropriate notice has been provided to health care consumers whose information is being requested [2.1].
However, without more specific information about the type of personal information collected by the third-party social media tool and the purpose of the collection, it is difficult to provide a definitive answer.
Conclusion
Based on the provided context documents, it is not clear whether there are specific regulations that address the use of third-party social media tools that collect personal information in Maryland. If a third-party social media tool collects personal information from Maryland residents, it may be subject to Maryland’s data privacy laws, such as MDCR 31.16.08.11 and MDCR 31.16.08.18. Additionally, MDCR 10.25.18.10 outlines the requirements for accessing, using, or disclosing data through an HIE for secondary use. However, more specific information is needed to provide a definitive answer.
Source(s):
- [2.1] Requirements for Accessing, Using, or Disclosing of Data Through an HIE for Secondary Use.
- [3.1] Authorizations for Disclosure of Health Information.
- [3.3] Limits on Disclosure of Nonpublic Personal Financial Information to Nonaffiliated Third Parties.
Jurisdiction
Maryland