| |
| |
|
|
A BILL TO BE ENTITLED
|
|
|
AN ACT
|
|
|
relating to the notification of individuals following a breach of |
|
|
security of computerized data. |
|
|
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: |
|
|
SECTION 1. Sections 521.053(b-1) and (e), Business & |
|
|
Commerce Code, are amended to read as follows: |
|
|
(b-1) If [Notwithstanding Subsection (b), the requirements
|
|
|
of Subsection (b) apply only if] the individual whose sensitive |
|
|
personal information was or is reasonably believed to have been |
|
|
acquired by an unauthorized person is a resident [of this state or
|
|
|
another state that does not require a person described by
|
|
|
Subsection (b) to notify the individual of a breach of system
|
|
|
security.
If the individual is a resident] of a state that |
|
|
requires a person described by Subsection (b) to provide notice of a |
|
|
breach of system security, the notice of the breach of system |
|
|
security required under Subsection (b) may be provided under that |
|
|
state's law or under [satisfies the requirements of] Subsection |
|
|
(b). |
|
|
(e) A person may give notice as required by Subsection (b) |
|
|
or (c) by providing: |
|
|
(1) written notice at the last known address of the |
|
|
individual; |
|
|
(2) electronic notice, if the notice is provided in |
|
|
accordance with 15 U.S.C. Section 7001; or |
|
|
(3) notice as provided by Subsection (f). |
|
|
SECTION 2. This Act takes effect immediately if it receives |
|
|
a vote of two-thirds of all the members elected to each house, as |
|
|
provided by Section 39, Article III, Texas Constitution. If this |
|
|
Act does not receive the vote necessary for immediate effect, this |
|
|
Act takes effect September 1, 2013. |