Texas Gov. Greg Abbott on May 27 signed into law Senate Bill 768 which amends the state’s data breach notification statutes. The amendments go into effect Sept. 1, 2023.
The amendments require:
Notifying the attorney general of a breach “as soon as practicable,” and not later than 30 days after determining that the breach affected at least 250 Texas residents, as opposed to 60 days; and
Submitting notifications to the attorney general electronically using a form that will be provided on the attorney general’s website.
The Bill Analysis states the shorter notification timeframe is necessary because “as cybercrimes such as identity theft have been on the rise, 60 days is too long of a period before notification is required.”
For additional insight from Maurice Wutscher on data privacy and security laws and legislation, click here.
Eric Rosenkoetter is a principal at Maurice Wutscher LLP, and is focused on advising clients with respect to federal and state consumer financial protection laws and data privacy and security, and he is a Certified Information Privacy Professional though the International Association of Privacy Professionals. He also brings to the table experience as a litigator, chief compliance and ethics officer, director of legislative affairs, federal lobbyist, and administrative hearings officer. Eric earned his Juris Doctor from Washington University School of Law, and his Bachelor of Business Administration from Southern Methodist University. He is a member of the International Association of Privacy Professionals, the Receivables Management Association International (RMAI), and ACA International. He is admitted to practice law in Texas and Missouri and in the U.S. District Courts for the Northern, Southern, Eastern, and Western Districts of Texas. For more information, see https://mauricewutscher.com/attorneys/eric-rosenkoetter/