|
House Bill 4390 |
House Author: Capriglione et al. |
|
Effective: See below |
Senate Sponsor: Nelson |
Current law requires a person who conducts business in Texas and owns or licenses computerized data that includes sensitive personal information to disclose any breach of system security as quickly as possible to any individual whose sensitive personal information was, or is reasonably believed to have been, acquired by an unauthorized person. House Bill 4390 amends the Business & Commerce Code, effective January 1, 2020, to establish a specific deadline for that required disclosure. If the breach involves at least 250 Texas residents, the person must also notify the attorney general of the breach. The bill, in temporary provisions that are effective September 1, 2019, creates the Texas Privacy Protection Advisory Council to study data privacy laws in Texas, other states, and relevant foreign jurisdictions and to make recommendations to the legislature.