June 14, 2013 – Texas Governor Rick Perry today signed into law a revision to the state’s data breach notification law that effectively deletes the requirement for entities that experience a data breach affecting residents of Texas to notify residents of other states in accordance with those other states’ laws or, for residents of states that do not have data breach notification laws, notify such individuals under the requirements of Texas law.
The bill follows a Texas House committee report that found that the law in its previous iteration required those handling affected information in Texas to be aware of the breach notification laws of every state, “which create[d] a substantial and unnecessary administrative burden on professionals who handle personal health information in Texas.”
The revisions to Texas’ data breach notification statute took effect upon the Governor’s signature.
Written by Bruce Sarkisian, Associate, Technology & Privacy Group | Alston & Bird LLP