81R2808 JE-F
By: Ellis S.B. No. 962
A BILL TO BE ENTITLED
AN ACT
relating to a business's electronic transmission of the sensitive
personal information of its customers.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
SECTION 1. Section 521.052, Business & Commerce Code, as
effective April 1, 2009, is amended by amending Subsection (c) and
adding Subsection (d) to read as follows:
(c) Subsections (a) and (b) do [This section does] not apply
to a financial institution as defined by 15 U.S.C. Section 6809.
(d) A business may not transfer the sensitive personal
information of a customer through an electronic transmission, other
than a facsimile, to a person outside of the secure computer-based
information system of the business unless the business uses
encryption to ensure the security of electronic transmissions of
its customers' sensitive personal information. In this subsection,
"encryption" means the use of an algorithmic process, or another
method that is at least as secure as an algorithmic process, to
convert data into a form in which meaning cannot be assigned without
the use of a key or other confidential process.
SECTION 2. This Act takes effect September 1, 2009.