Texas Joins Other States with New Texas Data Breach Notification Requirement: Is This a New Trend?

Texas Joins Other States with New Texas Data Breach Notification Requirement: Is This a New Trend?













Advertisement









Tuesday, June 15, 2021





The Texas Legislature, which meets every other year, pushed a change to its data breach notification law at the end of the session in late May, and yesterday Governor Greg Abbott signed the bill into law.  It follows a growing trend of changes to privacy and cybersecurity laws at the state level.


Texas House Bill 3746 will amend Texas Business and Commerce Code § 521.053, which requires notifications to individuals and the Texas Attorney General following certain data breaches.  The amendment adds a requirement for the Texas Attorney General to post on its website a listing of data breach notifications received, when a breach involves 250 or more Texas residents. California has a similar requirement, although it is for breaches affecting 500 or more residents.


Specifically, the Texas amendment would require the Texas Attorney General to:



Post on the Attorney General’s public website a listing of notifications received, excluding any sensitive personal information, any information that may compromise a data system’s security, and any other information reported to the Attorney General that is made confidential by law;




Maintain an updated listing on the website, and update the list no later than every 30 days; and




Remove data no later than one year following the date it was added, unless the entity notified the Attorney General of additional incidents.



The amendment also now requires that entities reporting a breach to the Texas Attorney General provide the number of Texas residents receiving notification of the breach, in additi ..

Support the originator by clicking the read the rest link below.