Press release

HITRUST® Supports Texas Legislation on Privacy

Sponsored by Businesswire

a leading data protection standards development and certification
organization, supports legislation that would create a council to study
privacy laws and how privacy practices for Texas businesses could be
strengthened through potential legislation.

Representative Giovanni Capriglione’s (Southlake) House Bill 4390,
passed by the Texas House unanimously on May 7, 2019 and would create
the Texas Privacy Protection Advisory Council. The Council would study
and evaluate Texas laws and other privacy laws in order to make
recommendations to the Texas Legislature on privacy provisions to
consider during the 2021 session. The Council would include
representatives from the Texas House, Texas Senate, and industry

HITRUST applauds Rep. Capriglione’s concept of a public-private council
to review and make recommendations in this important policy area.
Consumer awareness of data protection issues continue to attract
scrutiny and Texas businesses must acknowledge and respond to consumer
concerns. Ensuring that policy experts and representatives of the
businesses who would need to implement any changes work together will
allow Texas to address data protection and privacy in an effective,
efficient, and practical manner.

“Texas is known as a leader in data privacy and innovation,” said Anne
Kimbol, HITRUST’s Chief Privacy Officer. “We fully support our
government partners leveraging the expertise of the private sector to
drive privacy and security best practices and further protect Texans
with meaningful legislation such as HB 4390.”

HITRUST is the standard in privacy and security certifications and has
unique insight into the privacy practices and challenges facing
businesses across industries. As an independent party, HITRUST brings
value to public policy discussions, such as HB 4390, and similar
legislation in other States.

House Bill 4390 is currently in the Texas Senate.


Since it was founded in 2007, HITRUST has championed programs that
safeguard sensitive information and manage information risk for global
organizations across all industries and throughout the third-party
supply chain. In collaboration with privacy, information security and
risk management leaders from the public and private sectors, HITRUST
develops, maintains and provides broad access to its widely adopted
common risk and compliance management frameworks, related assessment and
assurance methodologies.

HITRUST understands the challenges of assembling and maintaining the
many and varied programs needed to manage information risk and
compliance. The
HITRUST Approach
provides organizations a comprehensive information
risk management and compliance program to provide an integrated approach
that ensures all programs are aligned, maintained and comprehensive to
support an organization’s information risk management and compliance

For more information, visit