ADVERTISE PDF

May-June 2024

Flipbook

In this issue:

May 10, 2024

New Data Privacy Law in Texas: A New State Law Takes Effect on July 1, 2024

Government Affairs Update

By Kenneth Besserman, TXCPA’s Director of Government Affairs and Special Counsel

The Texas Data Privacy and Security Act (TDPSA) was signed into law in June 2023 and will take effect on July 1, 2024. Texas became the sixth state to pass a major data privacy law in 2023.

This comprehensive legislation aims to regulate how businesses collect, use and protect the personal data of Texas residents. CPAs should be aware of the new legislation for their own business purposes and advising clients.

Key Provisions of the TDPSA

Scope

The TDPSA applies to entities that:

  • Conduct business in Texas or produce a product or service consumed by residents of the state;
  • Process or sell any volume of personal data; and
  • Are not a small business, as defined by the U.S. Small Business Administration.

The TDPSA does not apply to:

  • Nonprofits;
  • State agencies and political subdivisions;
  • Financial institutions subject to the Gramm-Leach-Bliley Act;
  • Covered entities and business associates governed by HIPAA; and
  • Institutions of higher education.

The TDPSA also specifically exempts electric utilities, power generation companies and retail electric providers.

Consumer Rights

Consumers have the right to:

  • Confirm whether a controller is processing their personal data and access such personal data;
  • Correct inaccuracies in the consumer’s personal data;
  • Delete personal data provided by or obtained about the consumer;
  • Obtain a portable copy of the consumer’s personal data; and
  • Opt-out of processing for purposes of targeted advertising, sale of personal data or profiling.

Consumers also have the right to appeal a controller’s refusal to take action on a consumer request to exercise their rights.

Sensitive Data Focus. The TDPSA uniquely requires consumer consent before processing "sensitive personal data," which includes data such as Social Security numbers, passport numbers and precise geolocation data. If a controller sells sensitive data or biometric data, it must post a specific notice (i.e., “NOTICE: We may sell your [sensitive/biometric] personal data.”) in its privacy notice.

Assessments. Businesses are required to conduct a data protection impact assessment on the processing of personal data for targeted advertising, the sale of personal data, profiling, sensitive data, and any processing activities that involve personal data that present a heightened risk of harm to consumers.

Enforcement. The TDPSA authorizes the Texas Attorney General to enforce the Act. The AG provides a 30-day cure period, which does not sunset. For violations that are not cured, the AG may seek up to $7,500 in civil penalties per violation. The law also mandates that the AG provide controllers, processors and consumers with information on their rights and responsibilities on the AG’s website, along with an online portal for submitting complaints.

The TDPSA may have a significant impact on businesses that operate in Texas or handle data of Texas residents. Some potential impacts include the following.

  • Increased compliance costs to comply with the various requirements of the TDPSA, such as:
  • Developing and maintaining a clear and comprehensive privacy notice;
  • Implementing processes to handle consumer data requests (access, correction, deletion, etc.);
  • Conducting data protection assessments for high-risk processing activities; and
  • Updating data security measures to meet the "reasonable security" standard.

Operational Adjustments. Businesses may need to adjust their data collection practices to ensure they only collect data that's "reasonably necessary and proportionate" to their purpose. They may also need to modify their data usage and sharing practices to comply with consumer opt-out rights.

Impact on Marketing and Advertising. Businesses relying on targeted advertising or data-driven marketing strategies may need to adapt their approach to comply with the TDPSA's restrictions on the sale of personal data and opt-out rights for targeted advertising.

Potential Benefits

Improved Customer Trust and Brand Reputation. Implementing strong data privacy practices can enhance customer trust and loyalty, potentially leading to positive brand reputation.

Enhanced Data Security Posture. The focus on reasonable data security measures can lead to improved protection of consumer data, potentially reducing the risk of data breaches and associated costs.

Alignment with Evolving Data Privacy Landscape. As data privacy regulations continue to evolve, complying with the TDPSA can help businesses prepare for and adapt to future regulations in other states or at the federal level.

Overall, the impact of the TDPSA on businesses will depend on several factors, including the size and nature of the business, its data practices and its existing data security posture. While compliance will require effort and resources, it can also present opportunities to improve data management practices, build trust with customers and prepare for the evolving data privacy landscape.

You can read more about the new law on our website here.

About the Author: Kenneth Besserman, JD, is TXCPA’s Director of Government Affairs and Special Counsel.

May-June 2025

Flipbook

In This Issue

  • TXCPA’s 2024-2025 Year in Review

    TXCPA addressed key challenges in the accounting profession through strategic initiatives focused on the CPA talent shortage, advocating for licensure flexibility, expanding student outreach, and enhancing member services. Key achievements included support for legislation introducing additional CPA pathways, strong participation in advocacy efforts and impressive engagement in CPE programs.
    View Article

  • CPE: The Significance of Codes of Conduct in Professional Organizations - Standards for Ethical Practice

    This article examines the ethical codes of four major professional organizations - AICPA, ACFE, CFA Institute, and IIA - highlighting their shared values of integrity, objectivity, confidentiality, and competence. While all emphasize ethical behavior and professional standards, each code is tailored to the unique responsibilities of its field.
    View Article
    CPE Creditable

  • Spotlight on the Accounting Profession: Jessica Rodriguez Reyes

    Jessica Rodriguez Reyes, an outstanding undergraduate in the BS/MS accounting program at the University of North Texas, shares her journey as a first-generation college student. With internship experiences in small and large firms, Jessica emphasizes the value of hands-on learning and her dedication to mentoring other students is making a noticeable impact.
    View Article

  • Special Report: The Digital Transformation of Accounting

    Digital transformation is reshaping accounting, making technology adoption essential for firms to stay competitive. Automation streamlines reporting, while document management systems improve organization and compliance. Embracing innovation allows firms to boost efficiency, deliver deeper client value and lead in a rapidly evolving profession.
    View Article

  • What’s Happening Around Texas - May-June 2025

    Members in Austin, Dallas and San Antonio participated in community service activities and professional networking events. Fort Worth hosted a successful masquerade ball to fund scholarships, while TXCPA South Plains introduced its new board. Southeast Texas engaged students at a career expo, Victoria hosted a student-CPA coffee meet-up, and Wichita Falls organized an educational event at Midwestern State University.
    View Article

  • 89th Legislative Session Review: A Productive Session for TXCPA

    The 89th session of the Texas Legislature began on January 14, 2025. TXCPA has been hard at work advocating its legislative agenda and has had a very productive session. Texas is one of the state leaders in addressing CPA pipeline issues.
    View Article

  • How Accountants Can Embrace an Entrepreneurial Spirit

    The use of AI-driven technologies has resulted in numerous tools that threaten the existence of many professionals. Accountants are not immune to the threat since many of their tasks can be automated. To stay relevant, accountants can upskill or start their own business. Despite low risk tolerance, their financial expertise makes them strong entrepreneurial candidates.
    View Article

  • A Year of Progress and Impact

    As the 2024–2025 membership year ends, we reflect on a year of progress driven by the dedication of leadership, volunteers and, most importantly, our members. Together, we advanced initiatives, strengthened our community and expanded our reach. Looking forward, even greater opportunities lie ahead to build on this success.
    View Article

  • Maximizing Audits: Key Elements for Efficient and Successful Financial Assessments

    Audits provide stakeholders with reliable financial insights, but the process can be daunting for companies. To prepare effectively, businesses should focus on strong internal controls, accurate transaction records and clear, compliant financial statements. Internal controls help prevent fraud and ensure accurate reporting, while well-organized documentation streamlines auditor reviews.
    View Article

  • Key Considerations for Financial Statement Auditors Before Leveraging Artificial Intelligence in Their Audits

    There is a growing role for generative AI tools to be used in financial statement audits. The tools offer numerous advantages, including enhanced data analysis, continuous learning, predictive insights, audit automation, and cost savings. However, challenges remain, such as data privacy risks, bias in training data and the inability to verify source data. Learn more in this article.
    View Article

  • Accounting Firms Continue to Innovate in Response to Rapidly Changing Market Conditions

    There is a growing trend of private equity investments in CPA firms amid declining CPA Exam participation, talent shortages and rising reliance on AI. While offering growth opportunities, the deals raise concerns about maintaining professional independence in a profit-driven model.
    View Article

  • Take Note

    In this edition of Take Note: Renew Your TXCPA Membership Today; TXCPA Passport is On-Demand CPE at Your Fingertips; Tips to Reduce Digital Overload; Get Published in Today’s CPA Magazine
    View Article

  • Classifieds

    The classified ad section features listings for practice owners looking to sell, professionals seeking firms to purchase and a variety of specialized services. Whether you're looking to expand, sell or explore niche opportunities, these classified ads can connect you to valuable business prospects and resources.
    View Article

CHAIR
Mohan Kuruvilla, Ph.D., CPA

PRESIDENT/CEO
Jodi Ann Ray, CAE, CCE, IOM

CHIEF OPERATING OFFICER
Melinda Bentley, CAE

EDITORIAL BOARD CHAIR
Jennifer Johnson, CPA

MANAGER, MARKETING AND COMMUNICATIONS
Peggy Foley
pfoley@tx.cpa

MANAGING EDITOR
DeLynn Deakins
ddeakins@tx.cpa

COLUMN EDITOR
Don Carpenter, MSAcc/CPA

DIGITAL MARKETING SPECIALIST
Wayne Hardin, CDMP, PCM®

CLASSIFIEDS
DeLynn Deakins

Texas Society of CPAs
14131 Midway Rd., Suite 850
Addison, TX 75001
972-687-8550
ddeakins@tx.cpa

 

Editorial Board
Derrick Bonyuet-Lee, CPA-Austin;
Aaron Borden, CPA-Dallas;
Don Carpenter, CPA-Central Texas;
Rhonda Fronk, CPA-Houston;
Aaron Harris, CPA-Dallas;
Baria Jaroudi, CPA-Houston;
Elle Kathryn Johnson, CPA-Houston;
Jennifer Johnson, CPA-Dallas;
Lucas LaChance, CPA-Dallas, CIA;
Nicholas Larson, CPA-Fort Worth;
Anne-Marie Lelkes, CPA-Corpus Christi;
Bryan Morgan, Jr, CPA-Austin;
Stephanie Morgan, CPA-East Texas;
Kamala Raghavan, CPA-Houston;
Amber Louise Rourke, CPA-Brazos Valley;
Shilpa Boggram Sathyamurthy, CPA-Houston, CA
Nikki Lee Shoemaker, CPA-East Texas, CGMA;
Natasha Winn, CPA-Houston.

CONTRIBUTORS
Melinda Bentley; Kenneth Besserman; Kristie Estrada; Holly McCauley; Craig Nauta; Kari Owen; John Ross; Lani Shepherd; April Twaddle; Patty Wyatt