| Old | New | Differences | |
|---|---|---|---|
| 1 | 1 | 81R2808 JE-F | |
| 2 | 2 | By: Ellis S.B. No. 962 | |
| 3 | 3 | ||
| 4 | 4 | ||
| 5 | 5 | A BILL TO BE ENTITLED | |
| 6 | 6 | AN ACT | |
| 7 | 7 | relating to a business's electronic transmission of the sensitive | |
| 8 | 8 | personal information of its customers. | |
| 9 | 9 | BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: | |
| 10 | 10 | SECTION 1. Section 521.052, Business & Commerce Code, as | |
| 11 | 11 | effective April 1, 2009, is amended by amending Subsection (c) and | |
| 12 | 12 | adding Subsection (d) to read as follows: | |
| 13 | 13 | (c) Subsections (a) and (b) do [This section does] not apply | |
| 14 | 14 | to a financial institution as defined by 15 U.S.C. Section 6809. | |
| 15 | 15 | (d) A business may not transfer the sensitive personal | |
| 16 | 16 | information of a customer through an electronic transmission, other | |
| 17 | 17 | than a facsimile, to a person outside of the secure computer-based | |
| 18 | 18 | information system of the business unless the business uses | |
| 19 | 19 | encryption to ensure the security of electronic transmissions of | |
| 20 | 20 | its customers' sensitive personal information. In this subsection, | |
| 21 | 21 | "encryption" means the use of an algorithmic process, or another | |
| 22 | 22 | method that is at least as secure as an algorithmic process, to | |
| 23 | 23 | convert data into a form in which meaning cannot be assigned without | |
| 24 | 24 | the use of a key or other confidential process. | |
| 25 | 25 | SECTION 2. This Act takes effect September 1, 2009. |