For Texas Businesses, the ‘what happens now’ really depends on the Texas Identity Theft Enforcement and Protection Act. This may sound like a mouthful, but this Texas statute tells business owners what they need to do if their system has been breached and your customers’ information has been stolen.
The first question that a Texas business should be looking at is the type of information that was stolen and determine whether that information counts as sensitive, private information for purposes of the act.
As a business owner, once you’ve determined that sensitive, private information of your customers has been stolen – what do you do then? Firstly, the act requires you to notify each one of your customers who had sensitive, private information stolen. Business owners should try to notify the customers as soon as possible and when practical.
In a nightmare-like scenario when you’ve had over 10,000 customers’ information stolen, not only do you have to contact each and every one of those customers, but you also have to notify each of the national credit bureaus. What we advise our clients is the best way to deal with a data breach is to be prepared beforehand. Here’s what Texas business owners can do to prepare in the event of a data breach:
Firstly, have a written data-breach plan where you and everyone in your organization know what to do after a breach of sensitive, private information. This plan should include who to contact, who in your organization will be contacting those affected, and who has the credit reporting information. All of these things will need to be put into place as soon as possible following a data breach.
The second thing you’ll want to do before a data breach occurs is to encrypt as much data as possible. Encryption does provide a level of protection for business owners if the information is stolen. If a business owner encrypts information, but the encryption keys are not stolen – the business must take full responsibility for the data breach and it is not covered under the Identity Theft Enforcement and Protection Act.
Another step we recommend to business owners to prepare ahead of a data breach is to look into the cost and availability of data theft insurance. This insurance can provide a source of funds so that businesses can take all the necessary steps after a data breach occurs, without jeopardizing their own business cost and expenses. This provides businesses a cushion to do what is needed, without having business owners worry about a single data breach putting them out of business.
Austin is renowned for its barbecue, attractions, and fresh culinary offerings. Some even cite the…
Mergers and acquisitions (M&A) always come with risk, especially when intellectual property (IP) and sensitive…
If you're a business owner preparing to sell—or considering buying—a business, there's one tool you…
Small business leaders are already evolving their leadership strategies to include generative AI, from internal…
On March 26, 2025, U.S. District Judge Sidney Stein ruled that a copyright lawsuit from…
Creative assets exchange countless hands between studios, writers, and producers in the film industry. The…