Education, IT and Personal data - Information Management Today

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

Hunton Privacy

NOVEMBER 7, 2022

On November 2, 2022, the ICO issued to the UK Department for Education (“ DfE ”) a formal reprimand following an investigation into the sharing of personal data stored on the Learning Records Service (“ LRS ”), a database which provides a record of pupils’ qualifications that the DfE has overall responsibility for.

Education

Education Personal data Access IT

Colorado Warns Ransomware Attack Caused Massive Data Breach

Data Breach Today

AUGUST 7, 2023

Information From 2004 to 2020 Exposed for High School Students, Teachers and Others Colorado's Department of Higher Education is warning that it suffered a ransomware attack in June, in which attackers stole personal data on current and past students and teachers, dating from 2004 to 2020.

Ransomware

Ransomware Data breaches Education Personal data

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Personal data

Personal data Data breaches Data collection GDPR

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

The BianLian extortion group claims to have stolen 6,8 TB of documents, including International HR data, international personal data. International financial data (over 800 GB), international medical and health data and international email correspondence.

IT

IT Ransomware Education Data breaches

Personal Data and docs of Swiss town Rolle available on the dark web

Security Affairs

AUGUST 26, 2021

Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen in a ransomware attack. The Swiss town Rolle disclosed the data breach after a ransomware attack, personal details of all its 6,200 inhabitants were stolen by threat actors. Pierluigi Paganini.

Personal data

Personal data Ransomware Data breaches Education

GDPR: How the definition of personal data has changed

IT Governance

APRIL 10, 2019

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. The scope of personal data.

Personal data

Personal data GDPR Education Government

Government surveying further education providers before Brexit

IT Governance

SEPTEMBER 24, 2019

The latest guidance from the government will assess the way further education providers are preparing for the UK’s departure from the EU, and it’s currently running a survey to get input from those looking for advice. The government’s advice will be invaluable for understanding how to manage your data protection requirements.

Education

Education Government GDPR Compliance

CIPL Submits Comments on Irish DPC’s Guidance on Safeguarding Personal Data of Children

Hunton Privacy

MARCH 30, 2021

The Draft Guidance, issued on December 20, 2020, adds to a growing body of work carried out by regulators, including the UK Information Commissioner’s Office (“ICO”) in their Code of Practice for Age Appropriate Design for Online Services (the “ICO Age Appropriate Code”).

Personal data

Personal data GDPR Risk Privacy

Two FTC complaints that over-retention of personal data violates Section 5

Data Protection Report

FEBRUARY 13, 2024

In both cases, the FTC’s complaint alleged that the companies retained personal data for longer than was necessary, and that conduct violated Section 5 of the Federal Trade Commission Act as an unfair act or practice. Count II focused on the collection and use of consumer data from third-party apps.

Personal data

Personal data Privacy Marketing Data collection

China Implements Regulation Increasing Protections for Children’s Personal Data

Data Matters

OCTOBER 15, 2019

On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (????????????), (“the Regulation”) which came into force on 1 October 2019. It contains similarities to the Children’s Online Privacy Protection Act (COPPA) in the U.S.

Personal data

Personal data Privacy Compliance Cybersecurity

Medibank Defends its Security Practices as its Ransomware Woes Worsen

IT Governance

NOVEMBER 17, 2022

The Australian health insurance giant fell victim to ransomware in October, as a result of which the personal data of 9.7 In most cases, basic personal information – such as their name, date of birth, email address, phone number and gender – was exposed. million current and former customers was compromised.

IT

IT Ransomware Security Data breaches

Data Privacy and Security: It Takes Two to Tango

Thales Cloud Protection & Licensing

JANUARY 24, 2022

Data Privacy and Security: It Takes Two to Tango. The National Cybersecurity Alliance (NCA) announced earlier this year that they have expanded the Data Privacy Day campaign into Data Privacy Week , a full week-long initiative. And when a breach does happen, then our personal data is the main target.

Data Privacy

Data Privacy Privacy IT Security

College Board Agrees to Settle with the New York Attorney General Over Student Data Privacy

Hunton Privacy

MARCH 5, 2024

On February 13, 2024, New York Attorney General (“NY AG”) Letitia James and New York State Education Department Commissioner (“NYSED”) Betty A. Rosa announced that College Board has agreed to settle charges in connection with allegations that it violated New York Education Law § 2-d, New York’s student privacy law.

Data Privacy

Data Privacy Privacy Education Marketing

Protecting Sensitive Company Data: How to Educate Employees

AIIM

JUNE 22, 2018

With the problem growing, and the attacks getting more sophisticated, there has never been a better time to learn how to defend your business’s data and protect your employees. In this article, we will examine how to educate your employees so that a lethal hack does not disrupt your business. It’s All About Passwords. Keep Updated.

Education

Education Passwords Cybersecurity Personal data

Indiana Likely to Become Seventh State to Enact a Comprehensive State Privacy Law

Hunton Privacy

APRIL 18, 2023

SB 5’s protections would apply to residents of Indiana who act for a personal, family or household purpose, with express exemption for individuals acting in a commercial or employment context. SB 5 now will head to Governor Eric Holcomb for a final signature, where he will have seven days upon transmission to sign SB 5 into law or veto it.

Privacy

Privacy Personal data Sales Insurance

Poland Amends Its Personal Data Protection Act

Hunton Privacy

DECEMBER 2, 2014

aw Komorowski signed into law a bill that was passed by Polish Parliament on November 7, 2014, which amends, among other laws, certain provisions of the Personal Data Protection Act 1997. An ABI is similar to a data protection officer but an ABI has narrower responsibilities that predominantly concern data security.

Personal data

Personal data IT Education Information Security

Connecticut Enacts Consumer Privacy Law

Hunton Privacy

MAY 10, 2022

On May 10, 2022, Connecticut Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring , after the law was previously passed by the Connecticut General Assembly in April. Connecticut is now the fifth state to enact a consumer privacy law.

Privacy

Privacy Personal data Sales B2B

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

FEBRUARY 15, 2021

Mistakes online by one family member can lead to compromises in a household’s network, placing computers, personal data, and perhaps even work-related content at risk. Cybersecurity education for kids is therefore a smart investment. We’re all connected. Cyber criminals have increased attacks as they see these opportunities.

Education

Education Cybersecurity Security awareness Data breaches

Iowa House and Senate Unanimously Vote to Approve Comprehensive Privacy Legislation

Hunton Privacy

MARCH 17, 2023

Controller Obligations Controllers would be required to implement reasonable security practices, provide a compliant privacy notice to consumers and enter into agreements with processors that handle the controller’s personal data. These rights notably exclude a right to correct inaccurate personal data.

Privacy

Privacy Personal data Sales Insurance

Insurance scams via QR codes: how to recognise and defend yourself

Security Affairs

MARCH 12, 2024

Credit: Truffe assicurative tramite QR code: come riconoscerle e difendersi About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security.

Insurance

Insurance Education Sales Personal data

News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses

The Last Watchdog

JANUARY 23, 2024

22, 2024 – Today, the National Cybersecurity Alliance (NCA) , announced the program for its third annual Data Privacy Week campaign, which will take place from January 22nd to January 27th. “Knowing how to safeguard your personal information has never been more important than it is today.

Data Privacy

Data Privacy Privacy Education Cybersecurity

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

Data Matters

OCTOBER 21, 2021

Explore how privacy enhancing technologies can allow for more seamless data transfers worldwide. Invest in education on AI for schools and businesses, most notably via AI skills “Bootcamps”. Thus, the Centre for Data Ethics and Innovation will produce guidance on how to use AI in a “fair” and non-discriminatory way.

Artificial Intelligence

Artificial Intelligence Government Paper IT

Cybersecurity Awareness Month: Resilient Multi-factor Authentication (MFA) and Strong Passwords

Thales Cloud Protection & Licensing

OCTOBER 4, 2022

The purpose of these events is to raise awareness about digital security and empower everyone to protect their personal data from digital forms of crime by adopting well established best practices, like the use of Multi-Factor Authentication (MFA) and establishing strong passwords. Quantitative data on human cybersecurity awareness.

Authentication

Authentication Passwords Cybersecurity Personal data

GUEST ESSAY: Here’s how and why ‘trust’ presents an existential threat to cybersecurity

The Last Watchdog

DECEMBER 8, 2022

This neglect is not only a threat to personal data, but also a threat to corporate security. According to our survey, the majority of consumers (77 percent) are confident they can identify, and report suspected malicious cyber activity despite general apathy toward proactively securing their devices and personal data.

Cybersecurity

Cybersecurity Passwords Ransomware Personal data

Seiko confirmed a data breach after BlackCat attack

Security Affairs

OCTOBER 26, 2023

On August 10, 2023, the Japanese maker of watches Seiko disclosed a data breach following a cyber attack. Seiko Group Corporation (hereinafter referred to as “the Company” or “we”) has confirmed that on July 28th of this year, the Company suffered a possible data breach. reads a notice published by the company. “As

Data breaches

Data breaches Ransomware Cybersecurity Personal data

Samsung employees unwittingly leaked company secret data by using ChatGPT

Security Affairs

APRIL 10, 2023

ChatGPT uses data provided by the users to train itself and build its experience, with the risk that this data can be available to other users that will query the popular chatbot. It is not clear if Samsung has requested the deletion of the data provided by its workers to OpenAI. ” reported TechRadar.

Personal data

Personal data Education Risk Privacy

OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands

Security Affairs

APRIL 28, 2023

OpenAI restored access to ChatGPT in Italy after the company met the demands of the Italian Data Protection Authority, Garante Privacy. In early April, the Italian Data Protection Authority, c, temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors.

Personal data

Personal data Privacy Access Education

App used by hundreds of schools leaking children’s data

Security Affairs

NOVEMBER 24, 2023

Almost a million files with minors’ data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. The leaked data about minors could have dire consequences, as this information can put children at physical risk by revealing their daily whereabouts.

Risk

Risk Education Personal data Phishing

Threat actors defaced Ukrainian government websites

Security Affairs

JANUARY 14, 2022

The attackers deleted the content of multiple websites, including the Ukrainian Ministry of Foreign Affairs, Ministry of Education and Science, Ministry of Defense, the State Emergency Service, and the Cabinet of Ministers. All your personal data has been sent to a public network. “Ukrainian! Pierluigi Paganini.

Government

Government CMS Personal data Education

What is Cyber Security Awareness and Why is it Important?

IT Governance

MAY 27, 2021

They represent the business, deal with customers and handle sensitive data. If they fail to adequately protect that information or violate data subject rights – which are protected by the likes of the GDPR (General Data Protection Regulation) – your organisation faces myriad problems. Cyber security awareness best practices.

Security awareness

Security awareness IT Security GDPR

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

APRIL 8, 2019

This fragmentation has, unsurprisingly, lead to a heavy administrative burden for the secondary users of social and health care data by parallel and slow licence procedures with various authorities. The Act complements the GDPR and introduces reinforced data security requirements and strict authorization procedures.

Personal data

Personal data GDPR Healthcare Compliance

Teaching Cybersecurity to Children

Schneier on Security

MAY 7, 2021

By the time kids are in third and fourth grade, they’ll be taught how to identify the personal data that may be stored by online services, and how that can reveal their location or identity. Six-and-seven-year-olds will be taught how to use usernames and passwords, and the pitfalls of clicking on pop-up links to competitions.

Cybersecurity

Cybersecurity Education Privacy Personal data

UK ICO Publishes First Two Reports from its Data Protection Sandbox Pilot

Hunton Privacy

JULY 28, 2020

On July 23, 2020, the UK Information Commissioner’s Office (the “ICO”) published the first two reports of its Data Protection Regulatory Sandbox Beta phase (the “Beta phase”) involving projects by Jisc (a not-for-profit organization serving the higher and further education and skills sectors) and Heathrow Airport Ltd.

IT

IT GDPR Personal data Compliance

New York Legislature Considers New York Child Data Privacy and Protection Act

Hunton Privacy

OCTOBER 25, 2022

The bill would impose obligations and restrictions related to the processing of “personal data,” which broadly includes “information that identifies, relates to, describes or is reasonably linked to a particular child user.” Notably, the bill would not exclude pseudonymized data from its requirements.

Data Privacy

Data Privacy Privacy Personal data Sales

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Hunton Privacy

JULY 1, 2020

The Italian Data Protection Authority ( Garante per la protezione dei dati personali , “Garante”) recently announced that it levied a €600,000 fine on banking institution UniCredit for several violations of the Italian Personal Data Protection Code, in its pre-General Data Protection Regulation (“GDPR”) form.

Data breaches

Data breaches GDPR Personal data Education

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

Records breached: Unknown, but sensitive personal data was probably breached. BHI Energy Announces Data Breach Affecting Confidential Information of 91k Individuals Date of breach: 29 June 2023 (filed notice with the Attorney General of Maine on 18 October 2023). This includes employee data. Records breached: Unknown.

Data Privacy

Data Privacy Privacy Security Data breaches

GUEST ESSAY: Has shielding and blocking electromagnetic energy become the new normal?

The Last Watchdog

OCTOBER 2, 2023

Paradox challenge Beyond the realm of sensitivity, consider our data—the intrepid voyager navigating electromagnetic currents. ” These portrayals obscure the reality that personal data protection is far from a fanciful notion. In this unfolding narrative, education emerges as the harbinger of change.

Privacy

Privacy Education Personal data Government

What are you doing for Data Privacy Week?

IT Governance

JANUARY 24, 2022

Data privacy is a concept that governs our everyday lives. We’re asked to hand over our personal data for seemingly everything that we do – from browsing the web to high-street shopping. Although many of us are broadly aware of the risks involved when sharing our personal data, it often doesn’t get the attention it deserves.

Data Privacy

Data Privacy Privacy Personal data Passwords

Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns

Security Affairs

APRIL 1, 2023

The Italian Data Protection Authority, Garante Privacy, has temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors. The Authority pointed out that OpenAI does not alert users that it is collecting their data. ” continues the press release.

Privacy

Privacy Personal data GDPR Compliance

Ukraine cyber police arrested a man for selling data of 300M people

Security Affairs

APRIL 28, 2023

The Ukrainian cyber police arrested a Ukraine man for selling the data of over 300 million people from different countries. The Ukrainian cyber police have arrested a man (36) from the city of Netishyn for selling the personal data and sensitive information of over 300 million people from different countries.

Sales

Sales Personal data Education Access

Connecticut Makes Five: The Constitution State Enacts Broad Data Privacy Law Effective July 2023

Data Matters

JUNE 22, 2022

Carves out personal data processed solely for payments from definition of persons subject to the law – Persons subject to the law are defined with reference to the volume of data processed about Connecticut residents, as we have seen in other laws. Data in Scope – The Majority Approach.

Data Privacy

Data Privacy Privacy Personal data Sales

University admission platform Leverage EDU exposed student passports

Security Affairs

MAY 16, 2023

It claims to have a network of over 650 educational institutions worldwide and 80 million users over the last year. Cybernews reached out to the company, and access to users’ data was secured. Cybernews reached out to the company, and access to users’ data was secured. It runs offices in the UK and Australia.

Personal data

Personal data Education Phishing Risk

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

Following the link in the message took them to a phishing page mimicking a USPS page, where they were asked to enter their personal data and financial information. This data would then be sent via an automated bot to a Telegram user called @chenlun “who offers to sell customized source code for phishing pages”.

Phishing

Phishing Financial Services Manufacturing Personal data

Texas enacts comprehensive privacy law

Data Protection Report

JUNE 21, 2023

The new law has exclusions for Gramm-Leach-Bliley-covered financial institutions, HIPAA-covered covered entities and business associates, non-profits, institutes of higher education, and electric utilities, power generation companies, and retail electric providers. A similar requirement applies with respect to the sale of biometric data.

Privacy

Privacy Personal data Sales Retail

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

Colorado Warns Ransomware Attack Caused Massive Data Breach

Webinars

Trending Sources

When are schools required to report personal data breaches?

Webinars

Save the Children confirms it was hit by cyber attack

Personal Data and docs of Swiss town Rolle available on the dark web

GDPR: How the definition of personal data has changed

Government surveying further education providers before Brexit

CIPL Submits Comments on Irish DPC’s Guidance on Safeguarding Personal Data of Children

Two FTC complaints that over-retention of personal data violates Section 5

China Implements Regulation Increasing Protections for Children’s Personal Data

Medibank Defends its Security Practices as its Ransomware Woes Worsen

Data Privacy and Security: It Takes Two to Tango

College Board Agrees to Settle with the New York Attorney General Over Student Data Privacy

Protecting Sensitive Company Data: How to Educate Employees

Indiana Likely to Become Seventh State to Enact a Comprehensive State Privacy Law

Poland Amends Its Personal Data Protection Act

Connecticut Enacts Consumer Privacy Law

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

Iowa House and Senate Unanimously Vote to Approve Comprehensive Privacy Legislation

Insurance scams via QR codes: how to recognise and defend yourself

News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

Cybersecurity Awareness Month: Resilient Multi-factor Authentication (MFA) and Strong Passwords

GUEST ESSAY: Here’s how and why ‘trust’ presents an existential threat to cybersecurity

Seiko confirmed a data breach after BlackCat attack

Samsung employees unwittingly leaked company secret data by using ChatGPT

OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands

App used by hundreds of schools leaking children’s data

Threat actors defaced Ukrainian government websites

What is Cyber Security Awareness and Why is it Important?

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

Teaching Cybersecurity to Children

UK ICO Publishes First Two Reports from its Data Protection Sandbox Pilot

New York Legislature Considers New York Child Data Privacy and Protection Act

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

The Week in Cyber Security and Data Privacy: 16–22 October 2023

GUEST ESSAY: Has shielding and blocking electromagnetic energy become the new normal?

What are you doing for Data Privacy Week?

Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns

Ukraine cyber police arrested a man for selling data of 300M people

Connecticut Makes Five: The Constitution State Enacts Broad Data Privacy Law Effective July 2023

University admission platform Leverage EDU exposed student passports

Catches of the Month: Phishing Scams for October 2023

Texas enacts comprehensive privacy law

Stay Connected