Sec. 521.126. ELECTRONICALLY READABLE INFORMATION

(a) The department may not include any information on a driver's license, commercial driver's license, or personal identification certificate in an electronically readable form other than the information printed on the license and a physical description of the licensee.

(b) Except as provided by Subsections (d), (e), (g), (i), and (j), a person commits an offense if the person:

(1) accesses or uses electronically readable information derived from a driver's license, commercial driver's license, or personal identification certificate; or

(2) compiles or maintains a database of electronically readable information derived from driver's licenses, commercial driver's licenses, or personal identification certificates.

(c) An offense under Subsection (b) is a Class A misdemeanor.

(d) The prohibition provided by Subsection (b) does not apply to a person who accesses, uses, compiles, or maintains a database of the information for a law enforcement or governmental purpose, including:

(1) an officer or employee of the department carrying out law enforcement or government purposes;

(2) a peace officer, as defined by Article 2.12, Code of Criminal Procedure, acting in the officer's official capacity;

(3) a license deputy, as defined by Section 12.702, Parks and Wildlife Code, issuing a license, stamp, tag, permit, or other similar item through use of a point-of-sale system under Section 12.703, Parks and Wildlife Code;

(4) a person acting as authorized by Section 109.61, Alcoholic Beverage Code;

(5) a person establishing the identity of a voter under Chapter 63, Election Code;

(6) a person acting as authorized by Section 161.0825, Health and Safety Code; or

(7) a person screening an individual who will work with or have access to children if the person is an employee or an agent of an employee of a public school district or an organization exempt from federal income tax under Section 501(c)(3), Internal Revenue Code of 1986, as amended, that sponsors a program for youth.

(e) The prohibition provided by Subsection (b)(1) does not apply to a financial institution or a business if the information is accessed and used only for purposes of identification verification of an individual or check verification at the point of sale for a purchase of a good or service by check. The prohibition provided by Subsection (b)(2) does not apply to a financial institution if each license or certificate holder whose information is included in the compilation or database consents to the inclusion of the person's information in the compilation or database. Consent under this subsection must be on a separate document, signed by the license or certificate holder, that explains in at least 14-point bold type the information that will be included in the compilation or database. For the purposes of this subsection, "financial institution" has the meaning assigned by 31 U.S.C. Section 5312(a)(2), as amended.

(f) A person may not use information derived from electronically readable information from a driver's license, commercial driver's license, or personal identification certificate to engage in telephone solicitation to encourage the purchase or rental of, or investment in, goods, other property, or services.

(g) If authorized by the executive or administrative head of a maritime facility as defined in the Maritime Transportation Security Act of 2002 (46 U.S.C. Section 70101 et seq.), or of a port, port authority, or navigation district created or operating under Section 52, Article III, or Section 59, Article XVI, Texas Constitution, a person may access, use, compile, or maintain in a database electronically readable information derived from a driver's license, commercial driver's license, or personal identification certificate to secure the facility or port. The information may be used only to:

(1) identify an individual;

(2) provide official credentials for an individual;

(3) track or limit the movement of an individual on facility property;

(4) establish a secure database of visitors to the facility;

(5) access the information at terminal and gate operations of the facility; or

(6) conduct other security or operational activities as determined by the executive or administrative head.

(h) Except as provided by Section 418.183, Government Code, the electronically readable information derived from a driver's license, commercial driver's license, or personal identification certificate for the purposes of Subsection (g) is confidential and not subject to disclosure, inspection, or copying under Chapter 552, Government Code.

(i) The prohibition provided by Subsection (b) does not apply to a hospital that accesses, uses, compiles, or maintains a database of the information to provide health care services to the individual who holds the driver's license, commercial driver's license, or personal identification certificate.

(j) Except as otherwise provided by this subsection, a hospital may not sell, transfer, or otherwise disseminate the information described by Subsection (i) to a third party for any purpose, including any marketing, advertising, or promotional activities. A hospital that obtains information described by Subsection (i) may transfer the information only in accordance with the rules implementing the federal Health Insurance Portability and Accountability Act of 1996 (Pub. L. No. 104-191). A business associate, and any subcontractor of the business associate who receives the transferred information, may use the information only to service or maintain the hospital's database of the information.

(k) If an individual objects to the hospital collecting the individual's information from the individual's driver's license as described by Subsection (i), the hospital must use an alternative method for collecting the individual's information.