LOGIN Request a call

← BLOG  |  EMPLOYMENT LAW UPDATES  |  NEWS

Maryland Enacts Online Data Privacy Act

21 May

Share
Update Applicable to:Effective date
All covered entities as defined in the billOctober 1, 2025


What happened?

On April 6, the Maryland legislature passed the Maryland Online Data Privacy Act of 2024, sending the bill to the state’s governor for signing. In short, the Act is broader, stricter, and more easily triggered than its peers. Thus, it warrants scrutiny from covered businesses. 


What are the details?

Maryland decided to part ways with other states’ privacy laws.


Key Bites

  • Covered entities: any business that:
    • (1) controls or processes the personal data of at least 35,000 consumers or
    • (2) controls or processes the personal data of at least 10,000 consumers and derives more than 20 percent of its gross revenue from the sale o personal data.
  • As defined in the law, the consumer definition does not include anyone in the employment context (employee, employer, or contractor) and it expressly contemplates employment information as an exception, which means, employment information is not considered part of the potential bill.
  • As defined in the law, the consumer definition does not include anyone in the employment context (employee, employer, or contractor) and it expressly contemplates employment information as an exception, which means, employment information is not considered part of the potential bill.
    • (2) “Consumer” does not include:
    • (ii) an individual acting as an employee…of a company, a partnership, a sole proprietorship, a nonprofit organization, or a governmental unit whose communications or transactions with a controller occur only within the context of the individual’s role with the company, partnership, sole proprietorship, nonprofit organization, or governmental unit.
    • (A) this subtitle does not apply to:
    • (11) Data processed or maintained
    • (i) in the course of an individual applying to, employed by, or acting as an agent or independent contractor of a controller, processor, or third party, to the extent that the data is collected and used within the context of the role;
  • According to Hush Blackwell Partner David Stauss, the Maryland Data Privacy Act is different and very consequential. For more information click here


Business Considerations

  • Complying with Maryland will take more than the standard compliance framework applied to most existing data privacy laws, so employers are encouraged to seek counsel to comply.
  • Employers should review and update their privacy policies to ensure they are accurate and up to date. The policies should comply with the new law’s requirements.
  • Employers should train their employees on the new law and the company’s privacy policy. This will help ensure that all staff understand the importance of data privacy and the company’s obligations under the new law.
  • Employers should be aware of the penalties for non-compliance, in which case, they could be subject to MCPA’s civil and criminal penalty provisions.
  • Employers are encouraged to take their time to review and implement accordingly the MODPA


Source References


Resources

Need help understanding how changes to employment laws will affect your business?

Learn more about how Vensure's Maryland PEO services can help you navigate complex employment laws and keep your business compliant.


This communication is intended solely for the purpose of conveying information. The present post might incorporate hyperlinks directing readers to websites managed by third-party entities. The inclusion of any links within this communication is meant to serve as points of reference and could encompass opinion articles from various law firms, articles from HR associations, official websites, news releases, and documents of government agencies, and other relevant third-party sources. Vensure has no authority over these external websites and bears no responsibility for their content. Furthermore, Vensure does not endorse the materials present on these websites. The contents of this communication should not be interpreted as legal advice or as a legal standpoint concerning specific facts or scenarios. Nor should it be deemed an exhaustive compilation of facts potentially pertinent to federal, state, or local laws. It is strongly advised that employers solicit legal guidance from an employment attorney when undertaking actions in response to any legal updates provided. This is due to the possibility of future alterations occurring in federal, state, and local laws, regulations, as well as the directives and guidelines issued by governing agencies. These changes may transpire at any given time, potentially rendering certain portions of the content within this update void or inaccurate.

Keep Your Business Compliant

Fill out the form below to receive monthly Employment Law Updates right in your inbox.

Keep Your Business Compliant

Fill out the form below to receive monthly Employment Law Updates right in your inbox.

Amazing!

You're all set.

Thanks for subscribing. Be on the look out for the Legal HR updates in your email.

Tracking Convertion image