In 2011 Texas amended its data breach notification to include a provision that purportedly required companies to issue notifications of data breaches to residents of states that do not have a data breach notification law. On June 14, 2013, Texas Governor Rick Perry signed a bill that removes this language. With respect to individuals living in states that do require notification in the event of a breach, the amendment further provides that, for the purpose of satisfying Texas law only, such notice can be provided to such an individual under Texas law or under the law of the state in which the individual resides. The amendment also clarifies that written notice must be given "at the last known address of the individual."
TIP: While this amendment does remove one potential requirement from companies facing a nationwide breach, the state data breach notification laws are continuing to evolve rapidly throughout the United States. Breach notice plans should thus be continually reviewed to ensure that they comply with the changing landscape.