Texas Healthcare Compliance Requirements
State-specific breach notification rules, medical records retention periods, PDMP requirements, and mandatory reporting obligations for medical practices operating in Texas.
Breach Notification Rules
Notification deadline
60 calendar days
Notification must be made as quickly as possible but no later than 60 days after determination of breach. AG must be notified if 250+ Texas residents affected.
AG notification threshold
250+ affected individuals
Notify: AG
Harm analysis required
Penalty range
$2,000-$50,000 per violation under Deceptive Trade Practices Act
Medical Records Retention
| Record type | Retention period | Measured from |
|---|---|---|
| General medical | 7 years | Last treatment |
| Pediatric | 7 years | Patient turns 18 |
| Mental health | 7 years | Last treatment |
| Radiology | 7 years | Record creation |
PDMP Requirements — Texas PMP
Check required
Schedule II only
Check frequency
Every prescription
Delegation allowed
Penalty range
Licensing board discipline; Class B misdemeanor for willful noncompliance; fines up to $2,000
Exemptions
Hospice patients, cancer treatment, ≤3 day supply in ER, inpatient hospital or nursing facility, medication-assisted treatment for opioid use disorder
Mandatory Reporting Obligations
Mandated reporters
All persons including physicians, nurses, dentists, psychologists, and all healthcare professionals (universal mandatory reporting)
Report to
Department of Family and Protective Services (DFPS) or local law enforcement
Timeline
Within 48 hours
Penalty for failure
Class A misdemeanor; state jail felony if the person intended to conceal the abuse
Immunity provision
Good faith reporters immune from civil and criminal liability under TX Family Code 261.106
Mandated reporters
All persons including healthcare professionals who believe an elderly or disabled person is being abused
Report to
Department of Family and Protective Services (DFPS), Adult Protective Services
Timeline
Immediately / as soon as possible
Penalty for failure
Class A misdemeanor
Immunity provision
Good faith reporters immune from civil and criminal liability under TX Human Resources Code 48.054
Mandated reporters
Healthcare providers treating injuries from suspected domestic violence or criminal acts
Report to
Local law enforcement
Timeline
Immediately / as soon as possible
Immunity provision
Good faith reporters immune from civil liability
Mandated reporters
Physicians, laboratories, and healthcare facility administrators
Report to
Texas Department of State Health Services or local health authority
Timeline
Within 24 hours
Penalty for failure
Class B misdemeanor, up to $180 fine per day
Immunity provision
Good faith reporters immune from civil liability
Mandated reporters
All healthcare providers treating gunshot wounds or wounds from criminal violence
Report to
Local law enforcement
Timeline
Immediately / as soon as possible
Penalty for failure
Class A misdemeanor
Immunity provision
Good faith reporters immune from civil and criminal liability
Stay compliant in Texas
GuardWell tracks Texas-specific breach deadlines, PDMP requirements, retention periods, and mandatory reporting obligations automatically.