Can I ignore my obligations as a service provider with access to personal information in Texas? What are the requirements?

Obligations of Service Providers with Access to Personal Information in Texas

As a service provider with access to personal information in Texas, you have certain obligations that you cannot ignore. The following are the requirements that you must comply with:

1. Disclosure Prohibited: According to Tex. Code of Criminal Procedure Art. 18B.502, a provider of an electronic communications service may not knowingly divulge the contents of a communication that is in electronic storage, except as provided by Subsection (c).
2. Government Access to Electronic Customer Data: An authorized peace officer may require a provider of an electronic communications service or a provider of a remote computing service to disclose electronic customer data that is in electronic storage by obtaining a warrant under Article 18B.354 ^[1.4].
3. Authentication of Records by Service Provider: If an authorized peace officer serving a warrant under Article 18B.355 also delivers an affidavit form to the provider of an electronic communications service or the provider of a remote computing service responding to the warrant, and the peace officer also notifies the service provider in writing that an executed affidavit is required, the service provider shall verify the authenticity of the customer data, contents of communications, and other information produced in compliance with the warrant by including with the information an affidavit form ^[1.2].
4. Privacy of Customer Information: A REP or aggregator shall not release proprietary customer information, as defined in §25.272(c)(5) of this title (relating to Code of Conduct for Electric Utilities and Their Affiliates), to any other person, including an affiliate of the REP, without obtaining the customer’s or applicant’s verifiable authorization by means of one of the methods authorized in §25.474 of this title (relating to Selection of Retail Electric Provider) ^[3.1].

Therefore, you cannot ignore your obligations as a service provider with access to personal information in Texas. You must comply with the requirements mentioned above to avoid any legal consequences.

In addition, Tex. Code of Criminal Procedure Art. 18B.352 states that a court shall issue an order authorizing disclosure of contents, records, or other information of a wire or electronic communication held in electronic storage if the court determines that there is a reasonable belief that the information sought is relevant to a legitimate law enforcement inquiry ^[1.3].

Furthermore, Tex. Code of Criminal Procedure Art. 18B.359 allows a provider of a telephonic communications service to disclose certain stored customer data to an authorized peace officer without legal process under certain circumstances ^[1.5].

It is important to note that you must also comply with the Right of Access to Your Individually Identifiable Health Information as stated in 40 TXAC 71.302 ^[2.1].

Therefore, it is imperative that you comply with all the relevant laws and regulations to avoid any legal consequences.

Source(s):

• [2.1] Right of Access to Your Individually Identifiable Health Information
• [1.2] WARRANT ISSUED IN THIS STATE: AUTHENTICATION OF RECORDS BY SERVICE PROVIDER.
• [1.3] COURT ORDER FOR GOVERNMENT ACCESS TO STORED CUSTOMER DATA.
• [1.4] GOVERNMENT ACCESS TO ELECTRONIC CUSTOMER DATA.
• [3.1] Privacy of Customer Information
• [1.5] GOVERNMENT ACCESS TO CERTAIN STORED CUSTOMER DATA WITHOUT LEGAL PROCESS.

Jurisdiction

Texas

• Privacy