Tex. Gov't Code § 2063.302
(a) A state agency or local government that owns, licenses, or maintains computerized data that includes sensitive personal information, confidential information, or information the disclosure of which is regulated by law shall, in the event of a cybersecurity incident:
(2) not later than 48 hours after the discovery of the cybersecurity incident, notify:
(e) Contract language in a cybersecurity insurance contract or other contract for goods or services prohibiting or restricting a state agency's or local government's compliance with this section or otherwise circumventing the requirements of this section is void and unenforceable.
Transferred, redesignated and amended from Government Code, Section 2054.1125 by Acts 2023, 88th Leg., R.S., Ch. 67 (S.B. 271), Sec. 1, eff. September 1, 2023.
Transferred, redesignated and amended from Government Code, Section 2054.603 by Acts 2025, 89th Leg., R.S., Ch. 331 (H.B. 150), Sec. 9, eff. September 1, 2025.
Added by Acts 2009, 81st Leg., R.S., Ch. 419 (H.B. 2004), Sec. 4, eff. September 1, 2009.
Acts 2017, 85th Leg., R.S., Ch. 683 (H.B. 8), Sec. 8, eff. September 1, 2017.
Acts 2019, 86th Leg., R.S., Ch. 509 (S.B. 64), Sec. 14, eff. September 1, 2019.
Acts 2025, 89th Leg., R.S., Ch. 683 (H.B. 5331), Sec. 1, eff. September 1, 2025.