Ask Reggi Your Question Now
Can you summarize Tex. Bus. & Com. Section 521.053?
IDENTITY THEFT > NOTIFICATION REQUIRED FOLLOWING BREACH OF SECURITY OF COMPUTERIZED DATA.
Short Summary
This section of the Texas Statutes, specifically the Business and Commerce Code, governs the breach of system security and notification requirements following a breach of computerized data. It defines ‘breach of system security’ as the unauthorized acquisition of computerized data compromising the security, confidentiality, or integrity of sensitive personal information. The section requires persons conducting business in Texas who own or license computerized data containing sensitive personal information to disclose any breach of system security to affected individuals. The disclosure must be made without unreasonable delay and no later than the 60th day after the breach is determined, unless delayed by a law enforcement agency. The section also imposes notification obligations on persons maintaining computerized data not owned by them. The document outlines various methods of providing notice, including written notice, electronic notice, and alternative notice options for cases where the cost of providing notice is excessive or contact information is insufficient. Additionally, the section requires notification to the attorney general and provides for the posting of breach notifications on the attorney general’s website. The penalties for non-compliance are not specified in the provided document.
Whom does it apply to?
Persons conducting business in Texas who own or license computerized data that includes sensitive personal information, and persons who maintain computerized data that includes sensitive personal information not owned by them
What does it govern?
Breach of system security and notification requirements following a breach of computerized data
What are exemptions?
No specific exemptions are mentioned.
What are the Penalties?
Not specified in the provided document.
Jurisdiction
Texas