Authority/Reference(s) Human Resource Code, Subtitle D, §40.058
Revision Date September 1, 2021

Policy

Contractors must report any possible or actual unauthorized disclosure or data breach of DFPS confidential information to the DFPS Chief Information Security Officer (infosec@dfps.texas.gov)  as soon as possible, but no later than 24 hours after discovery. Contractors must cooperate with DFPS when investigating, mitigating, and issuing notifications for an unauthorized disclosure or data breach.

Contract managers who become aware of a possible or actual unauthorized disclosure or data breach, must verify with the DFPS Chief Information Security Officer that the breach has been reported by the contractor.