Can I ensure that my company is compliant with expanding privacy protections in Texas? What are the requirements?
To ensure that your company is compliant with expanding privacy protections in Texas, you must comply with the Texas Insurance Code, Chapter 602, and the Health Insurance Portability and Accountability Act (HIPAA) Privacy Standards.
Under Texas Insurance Code, Chapter 602, a covered entity, which includes insurance companies, health maintenance organizations, and insurance agents, must comply with state and federal privacy regulations [1.5]. The Texas Department of Insurance enforces the federal privacy regulations outlined in 15 U.S.C. Sections 6801-6805 and Texas Insurance Code, Chapter 602 [1.1][1.6].
HIPAA Privacy Standards apply to covered entities that handle protected health information (PHI) [1.2]. If your company is a covered entity under HIPAA, you must comply with the HIPAA Privacy Standards in addition to the Texas Insurance Code, Chapter 602.
It is important to note that Texas law does not preempt or supersede state law in effect on July 1, 2002, that relates to the privacy of medical records, health information, or insurance information [1.7]. Additionally, Texas law does not affect the authority of the department or another state agency to adopt stricter rules governing the treatment of health information by a covered entity if another law gives the department or agency that authority [1.3].
To ensure compliance with expanding privacy protections in Texas, your company should regularly review and update its privacy policies and procedures so that they comply with state and federal regulations. Your company should also consider conducting a risk analysis to identify potential privacy risks and implement appropriate safeguards to mitigate those risks [2.1].
In summary, to ensure compliance with expanding privacy protections in Texas, your company must comply with the Texas Insurance Code, Chapter 602, and the HIPAA Privacy Standards if applicable. Your company should regularly review and update its privacy policies and procedures and consider conducting a risk analysis to identify and mitigate potential privacy risks.
- [1.1]: Tex. Ins. Section 601.051
- [1.2]: Tex. Ins. Section 602.002
- [2.1]: Tex. Health & Safety Section 181.206
- [1.3]: Tex. Ins. Section 601.004
- [1.5]: Tex. Ins. Section 602.001
- [1.6]: Tex. Ins. Section 601.101
- [1.7]: Tex. Ins. Section 602.003
Source(s):
- [1.1] RULES.
- [1.2] APPLICABILITY OF CHAPTER TO COVERED ENTITY REQUIRED TO COMPLY WITH CERTAIN FEDERAL STANDARDS.
- [2.1] AUDITS OF COVERED ENTITIES.
- [1.3] TREATMENT OF CERTAIN HEALTH INFORMATION; STRICTER RULES NOT PRECLUDED.
- [1.5] DEFINITIONS.
- [1.6] ENFORCEMENT BY DEPARTMENT.
- [1.7] CONSTRUCTION OF CHAPTER.
Jurisdiction
Texas