Joseph Lazzarotti and Phillip A. Baggett of Jackson Lewis write:
On May 27, 2023, Texas’ Governor signed Senate Bill 768 amending Texas’ data breach notification law. The law in question, Section 521.053 of the Texas Business and Commerce Code, sets out the specific requirements any person conducting business in the state who owns or licenses sensitive personal information in a computerized format must follow in the event of any breach of system security.
The amendment updates only the portion of the law requiring a business to notify the Texas Attorney General of any data breach affecting at least 250 Texas residents. Previously, the law required such persons to notify the Texas Attorney General within 60 days of discovering a breach affecting 250+ residents but did not specify a particular method of providing the notice. The amendment shortens the deadline from 60 days to “as soon as practicable and not later than 30 days” and requires such persons to submit the notification via an electronic form accessible on the Attorney General’s website.
Read more at Workplace Privacy, Data Management & Security Report