Texas House Bill300 also known as Texas HB300 was effective on September 1, 2012. This bill significantly expands patient privacy protections for Texas covered entities beyond those federal requirements known as "HIPAA" and "HITECH."

Texas HB 300 expanded legal requirements by: 

  • revising the definition of a "covered entity";
  • increasing mandates on covered entities, including requiring customized employee training;
  • establishing standards for the use of electronic health records ("EHRs");
  • granting enforcement authority to several state agencies; and
  • increasing civil and criminal penalties for the wrongful electronic disclosure of PHI.