Texas - Identity Theft Enforcement and Protection Act

By : 6clicks
The Texas Identity Theft Enforcement and Protection Act states that a person may not obtain, possess, transfer, or use personal identifying information of another person without the other person's consent and with intent to obtain a good, a service, insurance, an extension of credit, or any other thing of value in the other person's name.
In stock

Details

This download includes the Texas Identity Theft Enforcement and Protection Act so there are no mapped questions. Use this download if you just want the provisions and you want to create your own question set.

The Texas Identity Theft Enforcement and Protection Act states that a person may not obtain, possess, transfer, or use personally identifying information of another person without the other person's consent and with intent to obtain a good, a service, insurance, an extension of credit, or any other thing of value in the other person's name.

It also states that (a) A business shall implement and maintain reasonable procedures, including taking any appropriate corrective action, to protect from unlawful use or disclosure of any sensitive personal information collected or maintained by the business in the regular course of business.

(b) A business shall destroy or arrange for the destruction of customer records containing sensitive personal information within the business's custody or control that are not to be retained by the business by:

(1) shredding;

(2) erasing; or

(3) otherwise modifying the sensitive personal information in the records to make the information unreadable or indecipherable through any means.

The law defines “Personal Information” to include “An individual’s first name, or first initial and his or her last name, in combination with any one or more of the following data elements when either the name or the data element is not encrypted or redacted:

  • Social Security number;
  • Driver's license number or state identification card number;
  • Account number, credit card number, or debit card number in combination with any required security code, access code, or password that would permit access to an individual’s financial account;
  • Medical information, including any individually identifiable information, in electronic or physical form, regarding the individual’s medical history or medical treatment or diagnosis by a healthcare professional; or
  • Biometric data, such as an individual’s voiceprint, handprint, fingerprint, DNA, retinal/iris scan, hand geometry, faceprint, or any other unique biological characteristic, if the character is used by the owner or licensee to uniquely authenticate the individual’s identity when the individual accesses a system or an account.

Getting Started

Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.

More Information

More Information
Jurisdiction United States
Type Laws or related obligations