GPSolo®
General Practice, Solo and Small Firm Section of the State Bar of Texas
|
Document Traps
|
|
|
Section 35.48 of the
Business and Commerce Code was amended so that businesses
that store personal information on consumers are required to
"modify" the information so as to make it "unreadable" when
they dispose of the information. If they don't there is a
penalty.
Here are the subsections that were
added:
- (d) When a
business disposes of a business record that contains
personal identifying information of a customer of the
business, the business shall modify, by shredding,
erasing, or other means, the personal identifying
information to make it unreadable or
undecipherable.
- (e) A business
is considered to comply with Subsection (d) if the
business contracts with a person engaged in the business
of disposing of records for the modification of personal
identifying information on behalf of the business in
accordance with Subsection (d).
- (f) A business
that does not dispose of a business record of a customer
in the manner required by Subsection (d) is liable for a
civil penalty of up to $500 for each record. The attorney
general may bring an action against the business
to:
- (1) recover
the civil penalty; (2) obtain any other remedy, including
injunctive relief; and (3) recover costs and reasonable
attorney's fees incurred in bringing the
action.
- (g) A business
that modifies a record as required by Subsection (d) in
good faith is not liable for a civil penalty under
Subsection (f) if the record is reconstructed, in whole
or in part, through extraordinary means.
Section 35.58 deals with the
necessity for the confidentiality of social security
numbers. Section 35.581 requires a written policy on privacy
if you require social security numbers from your
clients.
|
|