Texas Data Privacy & Security Act

The Texas Data Privacy and Security Act (TDPSA) is a data privacy law enacted to enhance personal data protection for Texas residents. It aims to provide transparency and control over personal data while establishing specific requirements for businesses handling such data. The law became effective on July 1, 2024.

TDPSA applies to businesses that:

• Operate in Texas or offer goods or services to Texas residents.
• Control or process personal data of at least 50,000 Texas residents annually or
• Derive significant revenue from the sale of personal data.

TDPSA Guidelines

Texas residents are granted the following rights under the TDPSA:

• Access: The right to view the personal data held by businesses.
• Correction: The right to request corrections to inaccurate personal data.
• Deletion: The right to request the deletion of their personal data.
• Data Portability: The right to obtain a copy of their personal data in a format that is easily transferable to another entity.
• Opt-Out: The right to opt out of the sale of their personal data and the use of their data for targeted advertising.

Businesses that meet the criteria for TDPSA must:

• provide a clear privacy notice outlining their data collection, processing, and sharing practices. 
• conduct assessments to evaluate and mitigate risks associated with data processing activities.
• implement reasonable security measures to protect personal data from unauthorized access, use, or disclosure.
• establish contracts with data processors to ensure they comply with TDPSA requirements
• seek explicit consent for collecting sensitive data categories, including health information or biometric data. 
• notify affected individuals of data breaches within a reasonable timeframe, typically within 60 days of discovering the breach.

How Finite State Helps You Comply with TDPSA

Finite State can complement your data protection efforts by strengthening your data security capabilities, particularly by: 

• Enforcing Secure Coding Practices: Seamless integrations into existing CI/CD pipelines automatically analyze source code and compiled binaries for common security vulnerabilities and coding errors. This allows engineers to identify vulnerabilities hidden deep within legacy code and third-party libraries and detect and address issues early in the development process.
• Real-Time Threat Detection: Integrations with vulnerability databases provide up-to-date information on the latest threats and exploits, allowing for the proactive identification of potential risks before they can be exploited.
• Automate Vulnerability Identification: Using our advanced binary and source code SCA, vulnerabilities can be identified as they’re introduced across the SDLC to help teams keep applications secure.
• Comprehensive SBOM Solutions: Automatically generate Software Bill of Materials throughout the SDLC and easily compile detailed information on all components in your products, including open-source libraries, third-party dependencies, and custom code to improve transparency and identify potential security risks in your software supply chain.

Strong cybersecurity requires a collective effort. Talk to the team today to discover how Finite State can help you comply with TDPSA.