Effective September 1, 2021, companies reporting breaches of system security to the State AG must include the number of affected residents that have been directly notified of the breach (current requirements are breach details, number of affected State residents, measures taken, and any law enforcement involvement); the AG will post a list of notifications received on its publicly accessible website, with companies being removed from the list after one year if no additional breaches occur.
#texas #cyber #dataprivacy #value-privacy #law #legistlation