Texas Business and Commerce Code

Sec. § 521.002


In this chapter:


“Personal identifying information” means information that alone or in conjunction with other information identifies an individual, including an individual’s:


name, social security number, date of birth, or government-issued identification number;


mother’s maiden name;


unique biometric data, including the individual’s fingerprint, voice print, and retina or iris image;


unique electronic identification number, address, or routing code; and


telecommunication access device as defined by Section 32.51 (Fraudulent Use or Possession of Identifying Information), Penal Code.


“Sensitive personal information” means, subject to Subsection (b):


an individual’s first name or first initial and last name in combination with any one or more of the following items, if the name and the items are not encrypted:


social security number;


driver’s license number or government-issued identification number; or


account number or credit or debit card number in combination with any required security code, access code, or password that would permit access to an individual’s financial account; or


information that identifies an individual and relates to:


the physical or mental health or condition of the individual;


the provision of health care to the individual; or


payment for the provision of health care to the individual.


“Victim” means a person whose identifying information is used by an unauthorized person.


For purposes of this chapter, the term “sensitive personal information” does not include publicly available information that is lawfully made available to the public from the federal government or a state or local government.
Added by Acts 2007, 80th Leg., R.S., Ch. 885 (H.B. 2278), Sec. 2.01, eff. April 1, 2009.
Amended by:
Acts 2009, 81st Leg., R.S., Ch. 419 (H.B. 2004), Sec. 1, eff. September 1, 2009.

Last accessed
Jun. 7, 2021