(a) In this section, 'security–sensitive data' means information that is protected against unwarranted disclosure. (b) In accordance with guidelines established by the Secretary, each unit of State government shall develop a plan to: (1) identify unit personnel who handle security–sensitive data; and (2) establish annual security overview training or refresher security training for each employee who handles security–sensitive data as part of the employee’s duties.
Maryland Legal Code