Texas Privacy Implementation Changes: New Requirements Now in Effect for Houston Businesses
Stay compliant with Texas’s comprehensive data privacy law as new opt-out requirements take effect January 1, 2025 understanding your obligations and consumer rights under TDPSA
Texas Privacy Implementation Changes: New Requirements Now in Effect for Houston Businesses
As we begin 2025, Texas businesses face significant new privacy requirements under the Texas Data Privacy and Security Act (TDPSA). While the act’s core provisions went into effect on July 1, 2024, today marks the implementation of crucial new requirements for universal opt-out mechanisms. These changes represent Texas’s commitment to strengthening consumer data protection.
Initial Implementation (July 1, 2024)
The TDPSA’s first phase established fundamental privacy protections for Texas residents, introducing comprehensive requirements for businesses handling personal data. These foundational elements created a framework for consumer rights and business obligations:
- Consumer rights to access, correct, and delete personal data
- Requirements for businesses to limit data collection
- Data security practice requirements
- Privacy notice mandates
- Controller and processor obligations
New Requirements (January 1, 2025)
Today’s implementation focuses on empowering consumers with greater control over their data through technological solutions. These new requirements significantly expand the ways consumers can protect their privacy:
- Mandatory recognition of browser privacy settings
- Support for global device preferences
- Required acceptance of privacy-focused browser extensions
- Implementation of unified opt-out mechanisms
Enforcement Framework
The Texas Attorney General’s office plays a central role in enforcing these new privacy requirements, with significant authority to ensure compliance:
- Texas Attorney General oversight
- 30-day cure period
- Penalties up to $7,500 per violation
Compliance Requirements
Understanding who must comply with these regulations is crucial for businesses operating in Texas. The act applies to a specific scope of organizations while providing important exemptions:
Who Must Comply:
- Businesses operating in Texas
- Organizations processing Texas residents’ data
- Companies not qualifying as “small” under SBA guidelines
Key Exemptions:
- State agencies
- HIPAA-covered entities
- Financial institutions under GLBA
- Nonprofits
- Higher education institutions
- Electric utilities
Understanding Small Business Classifications
The TDPSA’s small business exemption relies on the U.S. Small Business Administration’s (SBA) size standards. These standards determine whether a business qualifies as “small” based on industry-specific criteria:
Size Standards by Industry
- Manufacturing: Generally 500-1500 employees, varying by NAICS code
- Wholesale Trade: Generally 100-250 employees
- Retail Trade: Annual receipts ranging from $8.0 million to $47.0 million
- Services: Annual receipts typically between $8.0 million and $47.0 million
- Construction: Annual receipts generally up to $45.0 million
- Agriculture: Annual receipts up to $2.75 million
Key Factors in Size Determination
- Employee Count Calculation:
- Based on average employment over the past 24 months
- Includes all full-time, part-time, and temporary employees
- Counts employees of domestic and foreign affiliates
- Annual Receipts Calculation:
- Based on average annual receipts over the last 5 years
- Includes all revenue streams
- Must account for affiliate revenues
Resources for Size Determination
- SBA’s Table of Size Standards provides detailed breakdowns by NAICS code
- The Size Standards Tool on SBA.gov offers an interactive way to determine classification
- Federal Regulations in 13 CFR Part 121 provide comprehensive guidelines
How CinchOps Can Assist
As businesses navigate these new requirements, CinchOps offers comprehensive support to ensure full compliance with both existing and new TDPSA requirements. Our integrated solutions include:
- Technical integration of opt-out mechanisms
- Compliance validation
- Consumer rights management
- Privacy preference monitoring
- Documentation and reporting
Contact CinchOps today to ensure your business meets all TDPSA requirements, including today’s new privacy standards.