"Texas to Publish Data Breach Notifications"

Lawmakers in Texas have passed a bill requiring notices to be published online of any data breaches involving the personal information of 250 or more Lone Star State residents. The unanimously passed House Bill 3746, which amends the Texas Business and Commerce Code §521.053, requires the Texas Attorney General's Office to post the breach notifications to its public-facing website. Notifications must be uploaded to the website within 30 days of receipt, and listings of organizations impacted by a data breach must remain in place for 12 months. A listing will only be removed if the individual or company does not suffer any further data breaches affecting 250 or more Texas residents during the year-long listing period. Breached organizations cannot simply report a data breach incident to the Attorney General's Office and walk away. Their notice must include a description of what measures were taken to mitigate the breach and details of what future actions will be taken regarding the incident. Before it becomes law, the bill must be signed by Texas Governor Greg Abbott. If the law is signed, then it will go into effect on September 1, 2021. By passing this new bill, the Texas legislature will have followed in the footsteps of Maine and California.

Infosecurity reports: "Texas to Publish Data Breach Notifications"