August 5, 2021

Volume XI, Number 217

Advertisement

August 05, 2021

Subscribe to Latest Legal News and Analysis

August 04, 2021

Subscribe to Latest Legal News and Analysis

August 03, 2021

Subscribe to Latest Legal News and Analysis

August 02, 2021

Subscribe to Latest Legal News and Analysis

Texas Amends Breach Notification Law to Require Public Reporting of Breach Notices

On June 14, 2021, Texas Governor Greg Abbott signed HB 3746, a bill amending Texas’s data breach notification law. Texas’s breach notification law requires notice to affected residents in the event of a data breach affecting certain sensitive personal data, including Social Security numbers, driver’s license or other government-issued ID numbers, account numbers or payment card numbers in combination with any required security code, access code or password, or certain information about an individual’s health or medical condition or treatment. The law also requires businesses to notify the Texas Attorney General of any data breach affecting at least 250 Texas residents.

HB 3746 amends the content requirements for breach notifications to the Attorney General to include a requirement that businesses report “the number of affected residents that have been sent a disclosure of the breach by mail or other direct methods of communication at the time of [AG] notification.” This requirement is in addition to a requirement in the law to report the number of Texas residents affected by the breach.

Separately, HB 3746 also creates a new public notification requirement for the Attorney General, who is now charged with maintaining a publicly accessible list of breach notifications submitted to the Attorney General’s Office. Under the amended law, the Attorney General must update its public list within 30 days of receiving a breach notification report, and must remove a business from the list after one year from the notice date (assuming the business has not submitted any updated or additional breach notifications since that time).

The amendments in HB 3746 take effect September 1, 2021.

Copyright © 2021, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XI, Number 168
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct
Advertisement
Advertisement