1. Home
  2. About TMA
  3. TMA Publications

New Texas Law Shortens Data Breach Notification Period
By Emma Freer

Texas physician practices and other health care facilities soon will be required to give more timely and public notice of any breaches of computerized data, including electronic health records (EHRs) and billing information. 

During the 2023 regular legislative session, state lawmakers passed Senate Bill 768 by Sen. Tan Parker (R-Flower Mound), which takes effect Sept. 1. The law requires anyone doing business in Texas to notify the state attorney general of computer security breaches involving the sensitive, personal information of at least 250 individuals as soon as possible, and not later than 30 days after discovery, down from 60 days.  

Physician practices and other businesses must notify the attorney general’s office of any such breach using its online form. Once notified, the attorney general will add the breach to a publicly accessible listing. Failure to comply could result in a fine of up to $50,000 for each violation, among other consequences. Senator Parker cited an increase in cybercrimes, including identify theft, as a motivation for the law, according to his statement of intent.  

Shannon Vogel, associate vice president of health information technology for the Texas Medical Association, notes SB 768 differs from federal rules regarding computer security breaches. 

Under HIPAA, physicians and other covered entities must alert affected individuals of any breaches within 60 days of discovery. In cases where a breach has affected 500 individuals or more, they also must alert area media outlets and the U.S. Department of Health and Human Services within the same period. HIPAA violators may incur civil and criminal penalties.  

Ms. Vogel encourages Texas physician practices to be mindful of and comply with requirements at both the state and federal levels.  

A health care data breach costs $11 million on average, according to IBM Security’s 2023 Cost of Data Breach Report. The top three factors amplifying this cost are security system complexity, security skills shortages, and noncompliance with regulations.  

For more information, check out TMA’s HIPAA Resource Center.  

 

Last Updated On

August 21, 2023

Originally Published On

August 09, 2023

Emma Freer

Associate Editor

(512) 370-1383
emma.freer[at]texmed[dot]org  
 

Emma Freer is a reporter for Texas Medicine. She previously worked in local news, covering city politics, economic development, and public health. A native Clevelander, she graduated from Columbia Journalism School and the University of St. Andrews.

More stories by Emma Freer  

TMA Membership

What could a TMA Membership mean for you, your practice, and your patients?

Join TMA Now

Texas Medicine 

Incoming TMA President Ray Callas, MD's 26 years of experience as a member have prepared him to lead the association at a time when Texas physicians face economic challenges and when the state simultaneously faces a record influx of new physicians amid a workforce shortage. Both, he says, are opportunities that put organized medicine in a unique position to offer feasible solutions. TMA also debuts its newest leadership development program for physicians at every career stage, and the TMA Alliance’s outgoing and incoming presidents share their passion for building and bonding the Family of Medicine. Plus, learn how TMA’s Physician Payment Resources Center communicates with payers on behalf of physicians’ best interests. 

April_24_TM_Cover

 

Get the latest issue.