New Texas Patient Database Security Breach Notification Law
A new breach notification law will become effective Jan. 1, 2020. HB 4390 is more restrictive than Federal HIPAA laws and amends Section 521.053, of the Texas Business & Commerce Code by defining a deadline by which businesses must provide notice to affected individuals, requiring notice be provided without unreasonable delay, but no later than 60 days after discovering a breach has occurred. Businesses are also required to provide notice to the Texas attorney general within the same 60 days after a breach is discovered if the breach involves the sensitive personal information (SPI) of 250 or more Texas residents. For more information regarding HIPAA and other privacy protection laws, click below.
Read more »