On April 30, the Maryland governor signed HB 1154 to amend current law related to security breach notification requirements. Among other provisions, HB 1154 (i) requires businesses that own, license, or maintain computerized data that includes a resident’s personal information to conduct a reasonable, prompt investigation in the event of a security breach to determine whether the personal information has been, or is at risk of, being misused due to the breach; (ii) requires business to provide notice to the affected individuals; (iii) stipulates that businesses may not charge fees when providing necessary information to an owner or licensee who is required to provide notice to affected individuals; and (iv) provides restrictions concerning the use of the computerized data relative to the security breach. The amendments take effect October 1.