Education, GDPR and IT - Information Management Today

Data breaches grow across UK education sector

IT Governance

NOVEMBER 29, 2018

A recent freedom of information request by chartered accountants UHY Hacker Young reveals a worrying rise in reported data breaches across the UK education sector. Find out more about the scheme and IT Governance’s certification options here.

Education

Education Data breaches GDPR Government

Why is the GDPR still something I should be concerned about?

IT Governance

OCTOBER 15, 2018

The EU’s GDPR (General Data Protection Regulation) superseded all laws based on the EU’s Data Protection Directive, including the UK’s Data Protection Act 1998, on 25 May 2018. Some organisations believe that a simple privacy notice is all that is required, but the GDPR actually demands far more than that. . GDPR complexities .

GDPR

GDPR Data breaches Personal data Data collection

Sign up for the new education sector email updates

IT Governance

AUGUST 2, 2018

To support the wider education sector with data protection and cyber security, we are launching a sector specific email newsletter and blog series. The newsletter will highlight our latest blogs as well as guidance and information about relevant new products and services, featured experts and a ‘your questions answered’ section.

Education

Education GDPR Data breaches Government

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Exploiting GDPR to Get Private Information

Schneier on Security

AUGUST 13, 2019

A researcher abused the GDPR to get information on his fiancee: It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR) , which came into force in May 2018. Generally if it was an extremely large company -- especially tech ones -- they tended to do really well," he told the BBC.

GDPR

GDPR Education Compliance IT

What it Takes to Be Your Organisation’s DPO or Data Privacy Lead

IT Governance

DECEMBER 6, 2023

‘GDPR’ has become a familiar term. What’s not so evident is whether organisations are keeping their practices fully up to date and in line with the GDPR. What’s not so evident is whether organisations are keeping their practices fully up to date and in line with the GDPR.

Data Privacy

Data Privacy Privacy GDPR IT

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. Some began to lose faith. It’s Y2K all over again”; a big fuss over nothing. The basics. Who needs to pay attention?

GDPR

GDPR Compliance Personal data Data breaches

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). The Regulation isn’t just about written details, like names and addresses; it applies to any information that can identify someone. Transparency is a core principle of the GDPR. Clearly state why you are using CCTV.

GDPR

GDPR Privacy Retail Personal data

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The breach was reported to the ICO (Information Commissioner’s Office), which oversees GDPR compliance in the UK, and Mermaids is now subject to disciplinary action. What are charities’ GDPR requirements?

GDPR

GDPR Compliance Personal data Risk

The GDPR: A year in review

IT Governance

MAY 23, 2019

A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. In the first half of 2018, it was practically impossible to avoid news stories about the GDPR, the majority of which focused on the potential for hefty administrative fines for non-compliance.

GDPR

GDPR Data breaches Compliance Retail

GDPR One Year Anniversary: What We’ve Learned So Far

Thales Cloud Protection & Licensing

JUNE 4, 2019

On May 25, the European Union celebrated the first anniversary of the enforcement of the General Data Protection Regulation (GDPR) , the most important change in data privacy regulations in the last decade, designed to restructure the way in which personal data is handled across every sector (public or private) and every industry.

GDPR

GDPR Data Privacy Compliance Privacy

News alert: Criminal IP and Quad9 collaborate to exchange domain and IP threat intelligence

The Last Watchdog

MAY 13, 2024

Enhanced threat blocking Quad9 is a free anycast DNS platform delivering robust security protections and privacy guarantees that comply with rigorous Swiss Data Protection and GDPR rules. About AI SPERA: AI SPERA launched its global cybersecurity service, Criminal IP, on April 17, 2023, following a successful year-long beta phase.

Phishing

Phishing Privacy Big data Cybersecurity

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Meanwhile, although the specifics of Brexit are still unclear, one thing is certain: whatever happens, UK-based organisations will be subject to the GDPR’s requirements.

GDPR

GDPR Compliance Personal data Access

Is your school GDPR-compliant? Use our checklist to find out

IT Governance

MARCH 28, 2019

At the recent ASCL (Association of School and College Leaders) conference , a guest said to us: “The GDPR ? How was it possible for someone to be so misguided about such a well-publicised regulation, the requirements of which have huge ramifications for the way organisations handle personal data? GDPR compliance in schools.

GDPR

GDPR Compliance Data breaches Personal data

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

In addition to data subjects’ rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability and to object, the EU’s GDPR (General Data Protection Regulation) sets out requirements relating to automated individual decision-making, including profiling. What is profiling under the GDPR?

GDPR

GDPR Personal data Financial Services Compliance

3 tips for successful GDPR staff training

IT Governance

NOVEMBER 21, 2017

Staff awareness should be a major concern for organisations looking to comply with the EU General Data Protection Regulation (GDPR). However, our 2017 GDPR Report found that less than 10% of organisations have provided GDPR staff awareness training to all employees. Why implement a GDPR staff awareness training programme?

GDPR

GDPR Compliance Education Data breaches

How the CCPA and GDPR Are Different

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR

GDPR Privacy Personal data Passwords

What is Cyber Security Awareness and Why is it Important?

IT Governance

MAY 27, 2021

If they fail to adequately protect that information or violate data subject rights – which are protected by the likes of the GDPR (General Data Protection Regulation) – your organisation faces myriad problems. Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation. 3) Be thorough.

Security awareness

Security awareness IT Security GDPR

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation.

GDPR

GDPR Compliance Security awareness Education

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation.

GDPR

GDPR Compliance Security awareness Education

Are your staff GDPR trained? Find out what you need to do

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. That’s hardly a surprise, given how few resources organisations dedicate to educating their staff on how to handle sensitive information. Staff training under the GDPR.

GDPR

GDPR Government Data breaches Information Security

Are your staff GDPR trained? Find out what you need to do

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. That’s hardly a surprise, given how few resources organisations dedicate to educating their staff on how to handle sensitive information. Staff training under the GDPR.

GDPR

GDPR Government Data breaches Information Security

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. Almost two thirds (62%) of respondents hadn’t heard of the Regulation, and only about 10% had taken steps to meet its compliance requirements. Preparing for the GDPR.

GDPR

GDPR Compliance Insurance Personal data

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

Here are five unique cybersecurity challenges you should know about. In that case, you must abide by the General Data Protection Regulation (GDPR), which imposes fines on some activities that are perfectly legal in the U.S. These obstacles can stand in the way of reaching out to workers about crucial security updates.

Communications

Communications Cybersecurity GDPR Risk

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

Data Matters

OCTOBER 21, 2021

Significantly, the UK’s proposed approach may diverge in some respects from the EU’s GDPR. Invest in education on AI for schools and businesses, most notably via AI skills “Bootcamps”. Ensuring AI benefits all sectors and regions ” – this pillar is about ensuring AI “diffuses” across the economy.

Artificial Intelligence

Artificial Intelligence Government Paper IT

Has the GDPR helped spark public interest in security?

IT Governance

JULY 25, 2018

One overlooked side-effect of the GDPR (General Data Protection Regulation) is the extent to which data privacy and information security have become widely discussed. For example, the below screenshot shows a friend asking me about a suspicious link. That link ended up sparking a discussion in my friend’s office about phishing.

GDPR

GDPR Phishing Security Data Privacy

GDPR priorities in the lead up to May

IT Governance

MARCH 1, 2018

GDPR compliance should be a priority and high on every organisation’s agenda with only three months until the regulation comes into effect on 25 May 2018. Training – make sure those responsible for the project are trained on implementing the GDPR in the workplace.

GDPR

GDPR Compliance Privacy Data breaches

News Alert: INE Security enables CISOs to secure board support for cybersecurity training

The Last Watchdog

MAY 28, 2024

The human factor Cybersecurity is not just about technology; it’s about people. These examples provide relatable scenarios that underscore the importance of investing in employee education. But it isn’t a question of ”if” an organization will be targeted, but “when.” million compared to those with lower levels.

Cybersecurity

Cybersecurity Security Data breaches Cloud

What are the Data Subject Rights under the GDPR?

IT Governance

JUNE 15, 2018

Even though the EU General Data Protection Regulation (GDPR) is now in effect, many organisations are still working towards compliance. The GDPR gives individuals eight rights relating to their personal data. Failure to do so is a violation of the GDPR and could lead to disciplinary action. The right to erasure.

GDPR

GDPR Personal data Compliance Access

Only 25% of UK law firms are prepared for the GDPR

IT Governance

NOVEMBER 20, 2017

A recent report from CenturyLink has highlighted a lack of preparation among UK law firms for the upcoming EU General Data Protection (GDPR) compliance deadline. The report questioned more than 150 legal sector IT decision makers in the UK and discovered that only 25% believe they are currently compliant with the GDPR.

GDPR

GDPR Compliance Paper Data breaches

Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders

Information Governance Perspectives

MAY 8, 2020

Hunter, Dr. Tao Jin, Dr. Patricia Franks, Rae Lynn Haliday, Cheryl Pederson, and Wendy McLain on the topic of Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders. And I think the next panel will discuss that… But the one thing I want us ALL to think about today is this….

Education

Education Digital transformation Search queries Information governance

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

It emerged this week, according to the New York City Department of Education, that data from a further 381,000 students was also compromised in this incident. Data breached: 1,201,000 people’s data. Apparently, the data belongs to tens of thousands of Australians.

Data breaches

Data breaches Education Manufacturing Retail

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

5 things HR departments need to know about data protection

IT Governance

OCTOBER 7, 2019

HR plays a crucial role in an organisation’s GDPR (General Data Protection Regulation) compliance. The GDPR outlines six lawful bases that will be appropriate in different circumstances: Consent : the individual agrees to the data processing. Let’s take a look at five issues that HR must address when handling personal data.

GDPR

GDPR Personal data Compliance Communications

Universities across the UK and North America confirm cyber attack

IT Governance

JULY 28, 2020

Blackbaud, which provides education administration, fundraising and financial management software, was infected with ransomware, giving cyber criminals access to a wealth of sensitive information. At least eight educational institutions in the US and Canada were also affected, as well as several charities on both sides of the Atlantic.

GDPR

GDPR Education Ransomware Data breaches

Belgian Privacy Commission Issues Guidance on Data Protection Impact Assessments Under the GDPR

Data Matters

APRIL 5, 2018

On 28 February 2018, the Belgian Commission for the Protection of Privacy (the “Privacy Commission”) published a recommendation setting out its approach to Data Protection Impact Assessments (“DPIAs”), and in doing so published a “White List” and a “Black List” of processing operations, pursuant to the General Data Protection Regulation (“GDPR”).

GDPR

GDPR Privacy Personal data Education

We Finally Have Our First Big GDPR Fine: Data Privacy Trends

eDiscovery Daily

JANUARY 22, 2019

As covered in Fortune ( France Fines Google $57 Million For GDPR Violations , written by Emily Price), France’s data protection regulator, the Commission nationale de l’informatique et des libertés (CNIL), has issued a €50 million fine (about $56.8 million ) fine to Google for failing to comply with GDPR. OK, guess again.

GDPR

GDPR Data Privacy Privacy Education

Five Steps to Win the Battle Against Information Chaos in 2021

AIIM

APRIL 15, 2021

You can have some great, fantastic ideas about what you want to do with information, but you need to be able to educate everyone up and down the stack about what you are planning. Be explicit about the C-Suite support you need. In many organizations, the chaos problem isn’t simply about information volume and variety.

Education

Education Records Management GDPR Risk

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

Organisation(s) Sector Location Data breached? Source 1 ; source 2 (New) Professional services USA Yes 11,556 Poder Judicial de Santa Cruz Source (New) Legal Argentina Yes 8,732 J.D.

Data Privacy

Data Privacy Privacy Insurance Security

Have We Become Apathetic About Breaches?

Thales Cloud Protection & Licensing

FEBRUARY 15, 2018

Have we become too used to and too apathetic about breaches? One such example is the recent disclosure that military personnel wearing Strava devices are revealing highly sensitive information about their locations and activities. People either do not hear about breaches anymore, or they tune them out.

IoT

IoT Encryption Military Insurance

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

It’s an irony often noted about wealth: The more money you have, the more you have to worry about money – managing it, protecting it, nurturing it for further growth. For businesses, the same is now true about information. Related: Using employees as human sensors. Data has become critical to your organization’s success.

Encryption

Encryption Cloud Privacy GDPR

Happy Compliance Officer Day!

Thales Cloud Protection & Licensing

SEPTEMBER 25, 2023

Here’s the thing about compliance, most people know that it’s necessary, but it can often be seen as an arduous blocker to doing fun things like cycling on your own - or growing a business in a fast-paced digital economy! A DPO’s duties are laid out in Article 39 of the GDPR. Data breaches, brand damage and financial reputation.

Compliance

Compliance GDPR Risk Education

Unsure About How to Map Your Data for GDPR? Here are Several Templates to Get Started: Data Privacy Best Practices

eDiscovery Daily

JUNE 3, 2018

Now that Europe’s General Data Protection Regulation (GDPR) is in effect, all organizations out there have a good handle on all of their data, including which personally identifiable information (PII) they handle for European data subjects out there and clear policies for how they ensure protection of that PII. OK, maybe not.

GDPR

GDPR Data Privacy Privacy Big data

HMRC forced to delete 5 million voice records after GDPR gaffe

IT Governance

MAY 9, 2019

HMRC (HM Revenue and Customs) has been told to delete more than five million people’s voice records after it was discovered that the way the information was collected breached the GDPR (General Data Protection Regulation). The organisation changed the way it obtained consent in October 2018, which the ICO says now complies with the GDPR.

GDPR

GDPR Personal data Education Passwords

Victims of Blackbaud ransomware attack to take legal action

IT Governance

SEPTEMBER 24, 2020

Blackbaud, which provides education administration, fundraising and financial management support, was attacked earlier this year, with cyber criminals accessing victims’: Names; Dates of birth; Addresses; Phone numbers; Email addresses; Donation history; and Events that individuals attended. What about other universities?

Ransomware

Ransomware Data breaches Education GDPR

Data breaches grow across UK education sector

Why is the GDPR still something I should be concerned about?

Webinars

Trending Sources

Sign up for the new education sector email updates

Webinars

Exploiting GDPR to Get Private Information

What it Takes to Be Your Organisation’s DPO or Data Privacy Lead

Wake up to the reality of the GDPR: What you need to know about compliance

Does your use of CCTV comply with the GDPR?

What UK charities need to know about GDPR compliance

The GDPR: A year in review

GDPR One Year Anniversary: What We’ve Learned So Far

News alert: Criminal IP and Quad9 collaborate to exchange domain and IP threat intelligence

7 steps to highly effective GDPR compliance

Is your school GDPR-compliant? Use our checklist to find out

GDPR automated decision-making and profiling: what are the requirements?

3 tips for successful GDPR staff training

How the CCPA and GDPR Are Different

What is Cyber Security Awareness and Why is it Important?

How to implement a GDPR staff awareness training programme

How to implement a GDPR staff awareness training programme

Are your staff GDPR trained? Find out what you need to do

Are your staff GDPR trained? Find out what you need to do

62% of organisations unaware of the GDPR

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

Has the GDPR helped spark public interest in security?

GDPR priorities in the lead up to May

News Alert: INE Security enables CISOs to secure board support for cybersecurity training

What are the Data Subject Rights under the GDPR?

Only 25% of UK law firms are prepared for the GDPR

Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

Security Compliance & Data Privacy Regulations

5 things HR departments need to know about data protection

Universities across the UK and North America confirm cyber attack

Belgian Privacy Commission Issues Guidance on Data Protection Impact Assessments Under the GDPR

We Finally Have Our First Big GDPR Fine: Data Privacy Trends

Five Steps to Win the Battle Against Information Chaos in 2021

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

Have We Become Apathetic About Breaches?

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

Happy Compliance Officer Day!

Unsure About How to Map Your Data for GDPR? Here are Several Templates to Get Started: Data Privacy Best Practices

HMRC forced to delete 5 million voice records after GDPR gaffe

Victims of Blackbaud ransomware attack to take legal action

Stay Connected