Data collection, Education and Security - Information Management Today

China Issues Data Security Law

Hunton Privacy

JUNE 16, 2021

After two rounds of public comments, the Data Security Law of the People’s Republic of China (the “DSL”) was formally issued on June 10, 2021, and will become effective on September 1, 2021. Data Security Policies. Data Security Obligation. increasing the punishment dynamics for violations of the law. .

Security

Security Education Cybersecurity Government

FTC Takes Action Against Chegg for Alleged Security Failures that Exposed Data of Employees and 40 Million Consumers

Hunton Privacy

NOVEMBER 2, 2022

On October 31, 2022, the Federal Trade Commission announced a proposed settlement with education technology provider Chegg in connection with the company’s alleged poor cybersecurity practices. .

Authentication

Authentication Security Encryption Data collection

President Biden issues sweeping artificial intelligence directives targeting safety, security and trust

Data Protection Report

NOVEMBER 9, 2023

These directives, which the White House presents as constituting the most significant action any government has taken to address AI safety, security and trust, cover a variety of issues for private and public entities domestically and internationally.

Artificial Intelligence

Artificial Intelligence Security Privacy Risk

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

COPPA Guidance for EdTech Companies and Schools During the Coronavirus

Hunton Privacy

APRIL 9, 2020

On April 9, 2020, the Federal Trade Commission (“FTC”) issued guidance under the Children’s Online Privacy Protection Act (“COPPA”) for operators of educational technology (“EdTech”) used both in school settings and for virtual learning.

Education

Education Data collection Privacy Information Security

News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses

The Last Watchdog

JANUARY 23, 2024

22, 2024 – Today, the National Cybersecurity Alliance (NCA) , announced the program for its third annual Data Privacy Week campaign, which will take place from January 22nd to January 27th. This even includes information about a person’s physical well-being, like health data from apps.

Data Privacy

Data Privacy Privacy Education Cybersecurity

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Deliberate or accidental action (or inaction) by the school or one of the processors : an example would be sending old PCs, laptops or filing cabinets to be destroyed without first removing the data held on them. Sending personal data to the wrong person : this includes any message sent by email, post or fax. Identity theft or fraud.

Personal data

Personal data Data breaches Data collection GDPR

New Android malicious library Goldoson found in 60 apps +100M downloads

Security Affairs

APRIL 15, 2023

The security firm reported its findings to Google, which notified the development teams. ” reads the analysis published by the security firm. The collected data is sent to the C2 server every two days, but the cycle depends on the remote configuration.

Libraries

Libraries Data collection Education Security

Businesses to Assist NHS Test and Trace Efforts

Hunton Privacy

JUNE 25, 2020

Establishments and companies in the UK will therefore be responsible for the additional collection and potential sharing of customers’ personal data. Any entity engaging in this kind of data collection will need to comply with the requirements of data protection law.

Data collection

Data collection Personal data Compliance Retail

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

These are based on publicly disclosed incidents in the media or security reports.” ” Anyone can request access to the data by compiling this form. According to the summary findings related to the period 2013-2020, the most targeted critical infrastructures are government facilities, followed by education and healthcare.

Ransomware

Ransomware Data collection Education Government

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020 (“CPRA”), California’s data breach notification law and California’s data security law. Genetic Data: California Data Breach Notification and Data Security Law Amendment Bill.

Privacy

Privacy Insurance Security Data breaches

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

A package containing features such as 3-D Secure support and support for configuring a phishing website, may cost up to $300. User personal data for sale. Crooks offers data collected through phishing campaign to the subscribers. The cyber security firm reported that it has prevented 7.1

Phishing

Phishing Sales Archiving Personal data

Biden AI Order Enables Agencies to Address Key Risks

Hunton Privacy

OCTOBER 31, 2023

President Biden issued an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence. Standards for AI Safety and Security Red-teaming requirements. The Administration will also support the expansion of AI-enabled tools in education. The Order’s provisions are summarized in further detail below. New standards.

Risk

Risk Artificial Intelligence Privacy Military

Dame Fiona Caldicott obituary

The Guardian Data Protection

MARCH 17, 2021

Public safeguarder of patients’ confidential information following a career as a mental health consultant The invasion of information technology into healthcare brought the ancient principle of confidentiality between doctor and patient into conflict with opportunities to store and share data collectively. Continue reading.

Data collection

Data collection Information governance Government Security

Apply the law where breached servers are located?

Data Protection Report

JULY 8, 2022

Blackbaud provides data collection and maintenance software solutions for administration, fundraising, marketing, and analytics services to various charitable organizations, including healthcare, religious, and educational institutions as well as various foundations. Background. The court disagreed with both of them.

Data breaches

Data breaches Ransomware Data collection Analytics

FTC Announces Settlement Regarding Collecting Consumer TV Viewing Data

Hunton Privacy

FEBRUARY 7, 2017

The complaint alleged that VIZIO also provided viewers’ IP address information to data aggregators which facilitated the appending of specific consumer demographic information to the viewing data, including sex, age, income, marital status, household size, education level, home ownership and household value.

Data collection

Data collection Manufacturing Data Privacy Education

Make data protection a 2023 competitive differentiator

IBM Big Data Hub

JANUARY 19, 2023

By 2024, for instance, 75% of the entire world’s population will have its personal data protected by encryption, multifactor authentication, masking and erasure, as well as data resilience. The key to differentiation comes in getting data protection right, as part of an overall data strategy.

Data Privacy

Data Privacy Customer Experience Privacy Compliance

President Obama Announces Initiatives on Data Security and Student Privacy

Hunton Privacy

JANUARY 12, 2015

On January 12, 2015, President Obama announced at the Federal Trade Commission several new initiatives on data security and consumer privacy as part of a weeklong focus on privacy and cybersecurity. The proposed law will permit research to improve educational outcomes and tools.

Privacy

Privacy Security Data breaches Education

Conversational AI use cases for enterprises

IBM Big Data Hub

FEBRUARY 23, 2024

Marketing and sales: Conversational AI has become an invaluable tool for data collection. It assists customers and gathers crucial customer data during interactions to convert potential customers into active ones. This data can be used to better understand customer preferences and tailor marketing strategies accordingly.

Analytics

Analytics Artificial Intelligence Marketing Education

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

OCR concludes most cyber-attacks could be prevented or substantially mitigated if HIPAA covered entities and business associates implemented HIPAA Security Rule requirements to address the most common types of attacks. implement a security awareness and training program for all workforce members pursuant to the HIPAA Security Rule.

Cybersecurity

Cybersecurity Privacy Insurance Risk

House and Senate Release a Bipartisan U.S. Federal Privacy Bill

Hunton Privacy

JUNE 15, 2022

Notable differences between the COPRA and the ADPPA include the following: The COPRA does not address children’s privacy, however, the ADPPA contains a provision devoted to the data protections of children and minors. The COPRA provides a general prohibition against deceptive and harmful data practices.

Privacy

Privacy Marketing Data collection Access

Data Privacy Day: A Time for Reflection

KnowBe4

JANUARY 28, 2019

Are businesses doing everything they can to protect sensitive data and stay ahead of compliance requirements? Given the sheer amount of data collected, it is not surprising that privacy is on the minds of consumers and corporations alike. Regulations like GDPR have requirements about how personal data should be handled.

Data Privacy

Data Privacy Privacy Data collection Compliance

Data Privacy Day: A Time for Reflection

KnowBe4

JANUARY 28, 2019

Are businesses doing everything they can to protect sensitive data and stay ahead of compliance requirements? Given the sheer amount of data collected, it is not surprising that privacy is on the minds of consumers and corporations alike. Regulations like GDPR have requirements about how personal data should be handled.

Data Privacy

Data Privacy Privacy Data collection Compliance

NT Analyzer Webinar: Solving Apple’s new app privacy requirement

Data Protection Report

NOVEMBER 13, 2020

Starting December 8th, Apple will require developers to provide extensive, granular information about their app’s privacy practices, such as the type of data collected from users, third-party data usage and specific purpose of collection. An export function, where organizations can explore and upload sets of the data.

Privacy

Privacy Data collection Analytics Education

Two FTC complaints that over-retention of personal data violates Section 5

Data Protection Report

FEBRUARY 13, 2024

(Complaint at ¶¶ 13-14) The FTC pointed out that InMarket did disclose that it used consumer data for targeted advertising in its privacy policy, but the location consent screen did not link to the privacy policy. Consent Order at ¶ X) Blackbaud Blackbaud had a cyber security event in 2020 where personal information was exfiltrated. (We

Personal data

Personal data Privacy Marketing Data collection

The heat is on, is your school #BreachReady?

IT Governance

AUGUST 6, 2018

Welcome to the new education sector blog series. In our first blog ( sign up to the series here ) , we explore data breaches. In education, losing information – either on paper or unencrypted devices and cyber incidents follow closely as does a failure to redact data with breaches in general seeing a 32% rise across the sector. .

Data breaches

Data breaches Education GDPR Risk

Customers Can Pursue Negligence Claims Directly Against Vendor

Data Protection Report

OCTOBER 29, 2021

On October 19, 2021, a federal trial court in South Carolina ruled that a group of consumers could proceed with common law negligence and gross negligence claims directly against their organizations’ vendor that had been the victim of a security breach—instead of suing the organizations of which they were customers. In re Blackbaud, Inc.

Data breaches

Data breaches Personal data Risk Ransomware

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

Security Affairs

JUNE 21, 2019

” Turla attackers used many other tools and malware in the latest campaigns, such as a custom dropper to deliver the Neptun backdoor, a USB data collecting tool, a hacking tool that combines four NSA tools ( EternalBlue , EternalRomance , DoublePulsar , SMBTouch ). Pierluigi Paganini. SecurityAffairs – Turla, hacking).

Communications

Communications Government Data collection Education

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

The Last Watchdog

MARCH 8, 2021

I asked Elizabeth Rogers, a privacy and data security partner at the law firm of Michael Best & Friedrich , about this. McConomy: The stream of news from mainstream media and tech magazines highlighting personal data privacy options and improved regulations, for one. Who knows what consumer privacy in the U.S.

Privacy

Privacy Personal data Manufacturing Data Privacy

Personal data breaches in schools, to report or not to report?

IT Governance

OCTOBER 15, 2018

Understanding what constitutes a personal data breach. The ICO defines a personal data breach as. “…a a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.”. Examples of personal data breaches in schools.

Personal data

Personal data Data breaches Data collection GDPR

Customers Can Pursue Negligence Claims Directly Against Vendor

Data Protection Report

OCTOBER 2, 2021

On October 19, 2021, a federal trial court in South Carolina ruled that a group of consumers could proceed with common law negligence and gross negligence claims directly against their organizations’ vendor that had been the victim of a security breach—instead of suing the organizations of which they were customers. In re Blackbaud, Inc.

Data breaches

Data breaches Personal data Risk Ransomware

How to Take Your Business to The Next Level with Data Intelligence

erwin

JUNE 11, 2020

Educators can provide a more valuable learning experience and environment for students. With the use of data intelligence tools, educational institutes can provide teachers with a more holistic view of a student’s academic performance. Blockchain enables more secure and complex transaction record-keeping for businesses.

Analytics

Analytics Blockchain Artificial Intelligence Big data

Why is the GDPR still something I should be concerned about?

IT Governance

OCTOBER 15, 2018

Education . Mapping data and having records of data processing across all school systems is one of the biggest and most important changes. As such, the processes adopted by NHS Scotland and private medical practices need to be robust enough to cater for the dissemination of this type of data. . GDPR complexities .

GDPR

GDPR Data breaches Personal data Data collection

In the World of Legal Tech, Tomorrowland is Here: Observations from ILTACON

eDiscovery Daily

AUGUST 31, 2023

For one, seemingly few of the 3,400 attendees complained about the long walks in 90-degree heat required to attend educational sessions and meetings. Short message data is created from the conversational exchange taking place via a messaging or social media application, like Teams, Slack, Zoom, Snapchat, etc.

Cloud

Cloud Metadata Data collection Education

How to prepare for the California Consumer Privacy Act

Thales Cloud Protection & Licensing

AUGUST 15, 2019

For example, data collected by an entity may not be associated with an individual but could identify a household. The CCPA applies to for-profit entities that both collect and process the PI Information of California residents and do business in the State of California, without a physical presence in California being a requirement.

Privacy

Privacy GDPR Digital transformation Sales

In Midst of COVID-19 Pandemic, Senators Propose Privacy Bill Aimed At Businesses’ Use of Consumer Data

Data Matters

MAY 7, 2020

Require companies to allow individuals to opt out of the collection, processing, or transfer of their personal health, geolocation, or proximity information. Direct companies to provide transparency reports to the public describing their data collection activities related to COVID-19.

Privacy

Privacy Compliance Data collection Education

Creating a holistic 360-degree “citizen” view with data and AI

IBM Big Data Hub

SEPTEMBER 26, 2022

The journey begins with building a data fabric architecture to ensure quality data can be accessed by the right people at the right time, no matter where it resides. The key is making sure all this data is transparent and responsibly governed for privacy and security.

B2C

B2C Analytics B2B Digital transformation

The most valuable AI use cases for business

IBM Big Data Hub

FEBRUARY 14, 2024

Smart home devices such as the iRobot Roomba can navigate a home’s interior using computer vision and use data stored in memory to understand its progress. Clean up with predictive maintenance AI can be used for predictive maintenance by analyzing data directly from machinery to identify problems and flag required maintenance.

Artificial Intelligence

Artificial Intelligence Retail Unstructured data Insurance

Driving Conversations Around Careers In Telematics

Information Governance Perspectives

APRIL 5, 2023

PRIVACY AND TELEMATICS Yet who owns the data collected by vehicular telematics technology, and who can access it? A car company could easily put a clause in their sales contract that says you agree to give up data ownership by signing this deal and financing through us. What kind of education might you need?

Insurance

Insurance Military Artificial Intelligence Manufacturing

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

APRIL 8, 2019

This fragmentation has, unsurprisingly, lead to a heavy administrative burden for the secondary users of social and health care data by parallel and slow licence procedures with various authorities. The Act complements the GDPR and introduces reinforced data security requirements and strict authorization procedures.

Personal data

Personal data GDPR Healthcare Compliance

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

These are (i) government entities; (ii) entities subject to the Gramm-Leach-Bliley Act; (iii) entities subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act; (iv) nonprofits; and (v) institutions of higher education. Controllers must.

Personal data

Personal data GDPR Sales Privacy

NT Analyzer Blog Series: Why So Many Cookie Policies Are Broken, Part I – HTML5 LocalStorage

Data Protection Report

JUNE 25, 2019

There has been an odd preoccupation with cookies for some time now—to the exclusion of other forms of browser tracking, some of which are much more flexible and more robust in their data collection capabilities than cookies. For technical readers, the storage format is typically JSON.). The Potential Privacy Issues With LocalStorage.

Privacy

Privacy Data collection Data structuring Access

eRecords 2018: “A Case Study in Data Mapping – Are You Ready for a New Norm?”

The Texas Record

DECEMBER 12, 2018

According to Dennis Kiker, Director of KPMG LLP, the benefits of data mapping in records management include: Records Information Management (RIM) – Policy; Records Retention; Standards. IT Security – Cybersecurity; Access Controls; Breach Detection. Lastly, KPMG educated the RIM Committee members on: What RIM is.

Records Management

Records Management Data collection Education Government

Fixing Data Breaches Part 1: Education

Troy Hunt

DECEMBER 17, 2017

Let's get started with one I raised multiple times whilst sitting in front of Congress - education. Data Breaches Occur Due to Human Error. Nowhere is it truer than with data breaches and it's the most logical place to start this series. Education is the Best ROI on Security Spend.

Education

Education Data breaches Passwords Risk

FTC Releases Report on Internet of Things

Hunton Privacy

JANUARY 28, 2015

On January 27, 2015, the Federal Trade Commission announced the release of a report on the Internet of Things: Privacy and Security in a Connected World (the “Report”). With respect to legislation, the FTC “does not believe that the privacy and security risks, though real, need to be addressed” by legislation or regulation at this time.

Privacy

Privacy Risk Data collection Education

China Issues Data Security Law

FTC Takes Action Against Chegg for Alleged Security Failures that Exposed Data of Employees and 40 Million Consumers

Webinars

Trending Sources

President Biden issues sweeping artificial intelligence directives targeting safety, security and trust

Webinars

COPPA Guidance for EdTech Companies and Schools During the Coronavirus

News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses

When are schools required to report personal data breaches?

New Android malicious library Goldoson found in 60 apps +100M downloads

Businesses to Assist NHS Test and Trace Efforts

CIRWA Project tracks ransomware attacks on critical infrastructure

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Phishers migrate to Telegram

Biden AI Order Enables Agencies to Address Key Risks

Dame Fiona Caldicott obituary

Apply the law where breached servers are located?

FTC Announces Settlement Regarding Collecting Consumer TV Viewing Data

Make data protection a 2023 competitive differentiator

President Obama Announces Initiatives on Data Security and Student Privacy

Conversational AI use cases for enterprises

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

House and Senate Release a Bipartisan U.S. Federal Privacy Bill

Data Privacy Day: A Time for Reflection

Data Privacy Day: A Time for Reflection

NT Analyzer Webinar: Solving Apple’s new app privacy requirement

Two FTC complaints that over-retention of personal data violates Section 5

The heat is on, is your school #BreachReady?

Customers Can Pursue Negligence Claims Directly Against Vendor

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

Personal data breaches in schools, to report or not to report?

Customers Can Pursue Negligence Claims Directly Against Vendor

How to Take Your Business to The Next Level with Data Intelligence

Why is the GDPR still something I should be concerned about?

In the World of Legal Tech, Tomorrowland is Here: Observations from ILTACON

How to prepare for the California Consumer Privacy Act

In Midst of COVID-19 Pandemic, Senators Propose Privacy Bill Aimed At Businesses’ Use of Consumer Data

Creating a holistic 360-degree “citizen” view with data and AI

The most valuable AI use cases for business

Driving Conversations Around Careers In Telematics

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

NT Analyzer Blog Series: Why So Many Cookie Policies Are Broken, Part I – HTML5 LocalStorage

eRecords 2018: “A Case Study in Data Mapping – Are You Ready for a New Norm?”

Fixing Data Breaches Part 1: Education

FTC Releases Report on Internet of Things

Stay Connected