Texas amends breach notification requirements

Privacy, Cyber Risk & Data Security State Issues Texas Data Breach State Attorney General Consumer Protection

On May 27, the Texas governor signed SB 768 to amend the state’s data breach notification statutes. The Act requires entities to notify the attorney general “as soon as practicable” and not later than 30 days after the date a computerized security system breach occurs involving at least 250 Texas residents. The Act now details that notification must be submitted electronically using a form accessible through the attorney general’s website. No substantive changes were made to the required information within the form. The Act is effective September 1.