In June 2023, Texas took a significant step forward in protecting consumer data by passing the Texas Data Privacy and Security Act, set to take effect on July 1, 2024. As one of the most populous states, this act places Texas alongside California as a leader in comprehensive privacy protections in the United States.
In this blog, Jim Howicz, managing partner at Richards Rodriguez & Skeith, will discuss the new legislation and its implications for businesses, especially small businesses in Texas.
One unique aspect of the Texas law is its exemption for small businesses as defined by the Small Business Administration (SBA).
Additionally, businesses already governed by other privacy laws, such as financial institutions or entities under HIPAA, are also exempt. This means that many businesses may not be affected by the new statutes. However, this doesn’t lessen the importance of implementing robust privacy and data security measures.
Read Our Blog: Expressions that Bind: The Increasing Legal Challenge Over Emojis
Regardless of size, all businesses should engage in best practices for data privacy and security. Simple steps can include the following:
Establish and adhere to internal guidelines on how customer data is handled and protected within your organization.
Clearly outline your data usage on your company’s website, focusing primarily on transaction processing if customer data isn’t sold or shared otherwise. An example of our own Privacy Policy can be found on our website: https://rrsfirm.com/privacy-policy/
When collecting customer data, such as email addresses, ensure customers are informed about how their data will be used and obtain their consent.
If customers ask to stop receiving communications or request data deletion, comply in a timely and efficient manner.
Ensure that any transmission of customer information is encrypted to protect data from unauthorized access.
Do not store sensitive payment details like credit card numbers; instead, rely on your payment processor to handle this securely.
See Our Video Archive: My Texas Business Had a Data Breach. Now What?
Even if your business is exempt from the Texas Data Privacy and Security Act, you might still need to comply with privacy regulations from other states or countries, depending on your market reach.
Furthermore, if your business activities include selling customer data, it’s crucial to consult with legal counsel to navigate this area compliantly.
The importance of customer privacy cannot be overstated, and businesses must stay vigilant in maintaining trust through proper data management practices. As privacy laws evolve, staying informed and consulting with a dedicated small business legal team will help safeguard your business against potential legal challenges while ensuring that customer data is handled with the highest standard of care.
Austin is renowned for its barbecue, attractions, and fresh culinary offerings. Some even cite the…
Mergers and acquisitions (M&A) always come with risk, especially when intellectual property (IP) and sensitive…
If you're a business owner preparing to sell—or considering buying—a business, there's one tool you…
Small business leaders are already evolving their leadership strategies to include generative AI, from internal…
On March 26, 2025, U.S. District Judge Sidney Stein ruled that a copyright lawsuit from…
Creative assets exchange countless hands between studios, writers, and producers in the film industry. The…