Texas Gov. Greg Abbott on May 27 signed into law Senate Bill 768 which amends the state’s data breach notification statutes. The amendments go into effect Sept. 1, 2023.
The amendments require:
- Notifying the attorney general of a breach “as soon as practicable,” and not later than 30 days after determining that the breach affected at least 250 Texas residents, as opposed to 60 days; and
- Submitting notifications to the attorney general electronically using a form that will be provided on the attorney general’s website.
The Bill Analysis states the shorter notification timeframe is necessary because “as cybercrimes such as identity theft have been on the rise, 60 days is too long of a period before notification is required.”
For additional insight from Maurice Wutscher on data privacy and security laws and legislation, click here.