Spencer Fane attorney Shawn Tuma was a guest on the State Bar of Texas Podcast’s February 1 episode to discuss a key update to data privacy and cybersecurity regulation in the state.
During the episode, Demystifying the Texas Data Privacy and Security Act, Shawn spoke with host Rocky Dhir about the new Texas legislation going into effect on July 1, 2024. He summarized the elements of this act and how it will impact Texas attorneys’ clients and practices. He also provided security best practices for compliance with new regulations.
“The most important thing I can tell Texas lawyers and Texas law firms is this law is about compliance on processing and selling personal data of consumers. The Texas Breach Notification law applies to every single one of you,” Shawn said. He underscored that regardless of law firm size, any practice faced with “a compromise of personal information – a data breach – they fall under the definition of the Texas Breach Notification law, and they then have to comply with that.”
Shawn then outlined what the incident response and notification process entails. He emphasized that Texas Breach Notification law requires that all individuals impacted by a data breach must be notified “if they’re all within Texas, within 60 days. If you have 250 or more individuals in Texas impacted, [notify] the Texas Attorney General within 30 days of this determination.”
At Spencer Fane, Shawn co-leads the firm’s Data Privacy and Cybersecurity Practice Group. He helps businesses protect their information and protect themselves from their information. Shawn is a frequently sought-out thought leader who represents a wide range of clients in dealing with cybersecurity, data privacy, data breach and incident response, regulatory compliance, computer fraud-related legal issues, and cyber-related litigation.
Listen to Shawn’s full podcast episode or read the transcript here.
