Texas Workplace Compliance
News & Resources

Who: Texas government agencies and private sector employers

When: Effective January 1, 2026

On June 22, 2025, Texas Governor Greg Abbott signed HB 149 into law. Known as the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), the law regulates the development, deployment, and use of AI systems. The Act applies to entities that develop, deploy, or market AI systems in Texas, businesses that offer AI-powered products to Texans, and Texas government agencies that use AI systems. It takes effect on January 1, 2026.

TRAIGA prohibits some harmful practices, including using AI to manipulate human behavior, unlawfully discriminate, or create illegal content. Governmental entities may not use AI for social scoring or use biometric data if such use infringes on an individual’s legal rights. Government agencies must disclose to consumers when they are interacting with AI.

The Act provides for a regulatory sandbox, which is a regulator-supervised program where entities can test their AI programs under relaxed regulations for 36 months. They must still comply with the Act’s core consumer protection provisions. Participants must provide quarterly reports detailing their system’s performance, risks, benefits, and mitigation activities.

The state Attorney General can seek civil penalties of up to $12,000 for curable violations and up to $200,000 for uncurable violations. There is a 60-day cure period and no private right of action.

How to comply:

• Review and update your AI use policies.

Resources:

HB 149

Who: All Texas employers

When: Effective September 1, 2025

What: On September 1, 2025, Texas Senate Bill 835, known as “Trey’s Law,” takes effect and amends the Civil Practice and Remedies Code to make void and unenforceable any provision of a nondisclosure or confidentiality agreement that prohibits the disclosure of sexual abuse or facts related to an act of sexual abuse. The law applies to confidentiality or nondisclosure provisions in any kind of agreement, including employment contracts and settlement agreements.

The law was named after Trey Carlock, who died by suicide at age 28 after signing a nondisclosure agreement as part of a settlement with a summer camp where he was the victim of sexual abuse as a child. SB 835 was unanimously approved by Texas lawmakers and aims to protect victims of sexual abuse and assault while preventing organizations from covering up incidents.

“Sexual abuse” is specifically defined under the law to include child abuse under the Texas Family Code, as well as several criminal offenses under the Texas Penal Code including:

• Sexual assault and aggravated sexual assault
• Human trafficking and compelling prostitution
• Indecency with a child and sexual performance by a child

The law applies retroactively to agreements entered into before, on, or after the effective date. For pre-existing agreements, a person may not enforce or attempt to enforce a covered agreement or provision unless they obtain a final declaratory judgment that declares the agreement or provision is enforceable.

(SB835) The legislation has a narrow focus, targeting only those confidentiality and nondisclosure clauses that would prevent someone from revealing sexual abuse or related information. Other confidential terms within agreements remain permissible. For example, parties can still maintain confidentiality around financial terms such as settlement amounts, payment schedules, or other contract provisions, provided these restrictions do not interfere with an individual’s ability to disclose sexual abuse incidents or associated facts. The law also does not stop employers from prohibiting employees from disclosing company trade secrets or proprietary information.

How:

• Review all confidentiality and nondisclosure agreement provisions in employment contracts, settlement agreements, and other workplace agreements to ensure legal compliance. Make sure they do not prevent the disclosure of sexual abuse or related information.
• Add general “savings” language to confidentiality and nondisclosure provisions, clarifying they do not apply if prohibited by law.
• Consider seeking legal counsel to review multistate agreements, as other states have similar requirements with potentially additional restrictions.
• Review the employee handbook and standalone policies to confirm they explicitly prohibit all forms of unlawful conduct, such as discrimination, harassment, and sexual misconduct.

Additional Resources:

• Senate Bill 835

Who: Texas healthcare employers with physicians, dentists, nurses, and physician assistants

When: Effective September 1, 2025 (applies only to non-compete agreements entered into or renewed on or after this date)

What: On June 20, 2025, Texas Governor Greg Abbott signed Senate Bill 1318 into law, which modifies existing requirements for physician non-compete agreements under Section 15.50 of the Texas Business & Commerce Code and creates a new Section 15.501 extending certain non-compete restrictions for the first time to non-physician healthcare practitioners to include dentists, nurses, and physician assistants for the first time in Texas.

The law imposes more stringent requirements on physician non-compete agreements, including:

• Geographic Limit: Non-compete agreements must limit the restricted area to a maximum five-mile radius from the location where the physician primarily practiced before termination.
• Duration Cap: Non-compete restrictions must expire no later than one year from the date of contract or employment termination.
• Buyout Cap: All physician non-competes must include a buyout provision capped at the physician’s total annual salary and wages at the time of termination, replacing the previous “reasonable price” standard and eliminating the arbitration option.
• Clear Writing Requirement: The terms and conditions must be clearly and conspicuously stated in writing.
• Automatic Voidance: Non-compete agreements become “void and unenforceable” if a physician is involuntarily discharged without “good cause,” defined as a reasonable basis for discharge directly related to the physician’s conduct, job performance, or contract record.

The law clarifies that “managing or directing medical services in an administrative capacity for a medical practice or other health care provider” does not qualify as the “practice of medicine” for purposes of triggering the physician non-compete requirements, though such activities remain subject to broader general employee non-compete requirements.

How:

• Review and update all non-compete agreements to ensure compliance with new geographic (five-mile radius), temporal (one-year maximum), and buyout (capped at annual salary and wages) requirements.
• Practitioners working at multiple locations or remotely need to document the “primary practice location” in contracts to avoid disputes over the five-mile radius.
• Establish clear protocols for documenting terminations and maintain records to demonstrate “good cause” when applicable to avoid automatic voidance of restrictions.

Additional Resources:

• Senate Bill 1318

Who: All employers

When: Effective immediately

On May 15, 2025, the U.S. District Court for the Northern District of Texas vacated portions of the Equal Employment Opportunity Commission’s (EEOC’s) “Enforcement Guidance on Harassment in the Workplace.” This ruling is nationwide and affects the guidance, which was published in April 2024 and concerns protections of LGBTQ employees.

The guidance states that sexual harassment includes such actions as the repeated and intentional use of a name or pronoun inconsistent with the individual’s know gender identity and denying employees access to a bathroom consistent with their gender identity. In its ruling, the court stated that the EEOC’s guidance was arbitrary and capricious and exceeded the EEOC’s rulemaking authority.

The court concluded that the EEOC had acted contrary to law because it expanded the definition of “sex” beyond sexual orientation and gender identity; included sexual orientation and gender identity as protected classes under federal law; and included in the definition of sexual harassment certain actions, such as an employer’s failure to accommodate an employee’s request to have access to a bathroom based on their gender identity or be called by their preferred pronouns.

The EEOC cannot rescind or modify the guidance at this time due to a lack of a quorum, so it has labeled and shaded the vacated portions of the guidance on their website.

The ruling in the case of Bostock v. Clayton County, Georgia (2020) states that Title VII protects against discrimination based on sexual orientation and gender identity, and it remains in effect. Additionally, state and local laws prohibit discrimination based on sexual orientation and gender identity.

How:

• Review your policies to ensure compliance with state and federal laws.
• Monitor for additional guidance to be released.
• Consult with legal counsel to ensure compliance with the law.

Additional Resources:

State of Texas and the Heritage Foundation v. Equal Employment Opportunity Commission, et al.

Enforcement Guidance on Harassment in the Workplace

Enforcement Guidance on Harassment in the Workplace Sexual Orientation and Gender Identity

Who: Covered healthcare facility employers in Texas

When: Effective September 1, 2024

By September 1, 2024, covered healthcare facility employers in Texas must implement a workplace violence prevention plan. Employers must create a workplace violence prevention committee that includes a registered nurse, a physician who provides direct patient care (if one is employed at the facility), and an employee who provides security services. The committee helps create the workplace violence prevention plan, a written anti-violence policy, and training materials for their facility.

Chapter 331 of the Texas Health and Safety Code details what the workplace violence prevention plan and policy must include and the steps employers must follow. Among other requirements, the plan must explain how to report incidents of workplace violence, require training at least annually, and describe the system the facility will use to respond to and investigate violent incidents.

The law describes the obligations of healthcare facilities to report incidents of workplace violence. They must also provide post-incident services, including acute medical treatment as needed.

Employers may not retaliate against employees who exercise their rights under the law. Texas licensing agencies can take disciplinary action against employers that do not comply with the workplace violence prevention requirements.

How:

• Familiarize yourself with the provisions of the new law.
• Review your current workplace violence prevention plan, policy, training, and procedures to ensure compliance with the law.
• Establishing clear reporting procedures and a system for retaining documentation of incidents, reports of incidents, training, and annual review of the plan.
• Train employees how to recognize and respond to warning signs.
• Notify employees of the workplace violation prevention plan, policy, and training when you implement or revise them.

Additional Resources:

SB 240

Chapter 331 Workplace Violence Prevention

Workplace Violence Toolkit

Who: State of Texas

When: Effective immediately

Judge Sean Jordan of the U.S. District Court of the Eastern District of Texas ruled on June 28, 2024, that the State of Texas does not have to implement the new minimum salary thresholds that apply to exempt employees under the Fair Labor Standards Act (FLSA). The new limits went into effect on July 1, 2024.

The judge said that “white-collar” exemptions rely on the employee’s duties, not the salary, and that the new rule effectively makes salary a more important factor than duties for millions of employees. Thus, the changes exceeded the U.S. Department of Labor’s authority in the judge’s opinion.

The preliminary injunction applies only to government employees working for the State of Texas. It applies to the July 1, 2024, salary threshold change; the January 1, 2025, salary threshold change; and the automatic triennial salary threshold change, pending further order of the court.

The salary threshold is increasing from $35,568 to $43,888, effective July 1, 2024, and Texas employers other than the State of Texas must comply with the new rules. Effective January 1, 2025, the threshold will increase to $58,656. Certain positions, such as doctors, lawyers, teachers, and outside salespeople, are not subject to the minimum salary basis test.

How:

• Continue to monitor legal challenges to the law.

Additional Resources:

State Of Texas v. United States Department of Labor

Who: Texas for-profit entities and Texas residents

When: July 1, 2024

What:

On June 18, 2023, Governor Greg Abbot signed into law the Texas Data Privacy and Security Act (TDPSA), which goes into effect on July 1, 2024. The Act regulates the collection, use, processing, and treatment of Texas consumers’ personal data. It affects for-profit entities located in Texas or serving Texas residents.

Covered businesses are those that conduct business in Texas or produce a product or service consumed by Texas residents; process or engage in the sale of personal data; and are not considered small businesses. However, small businesses are subject to the provisions prohibiting the sale of sensitive personal data without permission. Several other exceptions exist, such as state agencies and businesses covered by HIPAA rules. Some data types are excluded, such as health records, employment data, and B2B transactions.

Data controllers are businesses that determine the purpose and means of processing personal data and must obtain consumer consent to process sensitive data. Data processors are businesses that carry out operations on personal data and follow the instructions of controllers. The law requires contracts between controllers and processors that contain specific provisions.

Consumers have several rights under the law:

• To know which personal data is being collected;
• To access a copy of their own personal data in a portable format;
• To correct inaccurate personal data;
• To delete personal data;
• To opt out of their personal data being processed;
• To opt in for the processing of sensitive personal data;
• To opt out of their personal data from being sold; used for targeted advertising and profiling; or used for automated decision-making that would produce a legal or other similar effect for them; and
• To appeal denied requests.

A business must respond to consumer requests without undue delay, but in no case later than 45 days after the receipt of the request.

Controllers must publish a clear, accessible privacy notice that explains:

• The types of personal data they process, including sensitive data;
• The purpose of the data processing;
• How consumers can exercise their rights under the law; and
• How they share the data.

The law imposes several other rules on controllers:

• Limit the collection of personal data to only what is necessary for the disclosed purposes for which the data is processed;
• Establish, implement, and maintain reasonable data security practices to protect the data;
• Do not discriminate or impose negative consequences on a consumer because they exercised any of their rights under the law; and
• Obtain consent for processing sensitive data.

Sensitive data includes data that reveals racial or ethnic origin; religious beliefs; mental or physical health condition or diagnosis; sex life or sexual orientation; citizenship or immigration status; genetic or biometric data processed for the purpose of identifying an individual; personal data obtained from a consumer known to be a child; and precise geolocation data within a radius of 1,750 feet.

The State Attorney General can assess statutory fines of up to $7,000 per violation. There is no private right of action.

How:

• Conduct and document a data protection assessment of each personal data processing activity.
• Ensure your controller–processor contracts comply with the law.
• Draft compliant privacy notices required by the Act.

Additional Resources:

H.B. 4