As a legal professional, it’s crucial you’re kept informed about on-going changes in law that could impact your practice or your company. A prime example being the recent amendments made to Texas’s data breach reporting requirements. These important changes went into effect on September 1st, and primarily affect the time interval for breach notification.
According to the Constangy, Brooks, Smith & Prophete, LLP, Texas has now shortened the required time businesses have to report a data breach to the state Attorney General. These changes specifically apply if the breach affects 250 or more Texas residents.
Previously, businesses operating in Texas had up to 60 days to notify the Attorney General once a breach was determined. However, this period has now been significantly trimmed down. As of the new amendment, businesses must make a report within 30 days from when they determine that a breach has occurred. This policy shift revises Texas’ stance toward prioritizing swift and effective actions from businesses in the event of data security breaches.
With this change, Texas has become more stringent in its approach to data breach incidents, potentially prompting a reevaluation of cybersecurity strategies and incident response planning for businesses operating within the state. It is essential for legal professionals and corporate entities to take note of these legislative changes and reassess their current data breach notification policies.
In this ever-changing legal landscape, it’s essential to stay alert for new changes in rules, regulations and case law. For those who operate within the space of data protection and cybersecurity, it’s particularly important to keep track of these developments and provide your clients or corporation with the most effective service possible.