When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
In January 2024, Virginia Governor Glenn Youngkin announced and signed Executive Order 30 on Artificial Intelligence (EO 30), establishing “important safety standards to ensure the responsible, ethical, and transparent use of...more
Managing a remote cybersecurity team at colleges and universities involves addressing a unique set of challenges to ensure the security of sensitive data and infrastructure. There is an additional overlay of potential...more
“At colleges and universities across the nation, leaders agree that the key to ensuring business continuity and sustainability is cyber resilience.” Why this is important: As highlighted in previous editions of The...more
The Accreditation Overhaul for North Carolina (and Florida) Colleges - Last month, North Carolina Governor Roy Cooper signed House Bill 8 (HB 8) into law. In addition to establishing a new computer science requirement for...more
We’re back with a deeper dive into the 2023 Data Security Incident Response Report, which features insights and metrics from 1,160+ incidents in 2022. This episode dives deeper into privacy litigation. Questions & comments:...more
Are Automakers Making Sufficient Efforts to Protect Customer Data? With the ever-expanding Internet of Things, data privacy is a growing concern in today’s digital age. The automotive industry is no exception. The National...more
With an ever-expanding digital toolkit, education leaders must work harder than ever to safeguard student data. Join Bricker Graydon attorneys Jeff Knight and Nancy Magoteaux in a discussion that celebrates Data Privacy Day...more
As set forth in BakerHostetler’s 2023 Data Security Incident Report, privacy litigation is on the rise. Indeed, 2023 saw a nearly 100 percent increase from 2022 in the number of lawsuits filed in connection with data security...more
In a 2019 post about increasing cyber risks in K-12 schools, we cited a report, “The State of K-12 Cybersecurity: 2018 Year in Review,” that contained sobering information about cybersecurity in local school districts across...more
K-12 school districts across the country continue to be targeted by threat actors looking to steal sensitive personal information. Examples of this can be seen in the recent incidents affecting the Pearland Independent School...more
Cyber Resilience Programs Falling Short on Preparing Workers for a Crisis- “At two-thirds of organizations, there is a fear that almost all employees, 95%, will not understand how to recover following a cyberattack.” ...more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
On February 9, 2023, the U.S. Department of Education (Department) published Electronic Announcement General-23-09 (EA) summarizing updated requirements of the “Safeguards Rule” as adopted by the Federal Trade Commission...more
With only four months left before most changes to the federal Standards for Safeguarding Customer Information (“Safeguards Rule”) – a component of the Gramm-Leach Bliley Act (“GLBA”) that provides for the protection of...more
On February 9, the U.S. Department of Education (ED) released an announcement about updates that postsecondary institutions must make to their cybersecurity and data protection policies in order to comply with the Federal...more
Student Loans - Supreme Court Likely to Rule that Biden Student Loan Plan is Illegal, Experts Say. Here’s What that Means for Borrowers - “Long before the president acted, Republicans had criticized student loan...more
Dr. Melissa Dark is the Founder of DARK Enterprises, a non-profit organization dedicated to developing and supporting cybersecurity education at the secondary level. Before that, Dr. Dark worked in graduate and college...more
According to Emsisoft, the education sector continues to experience ransomware attacks, with a whopping 1,043 schools affected by ransomware in 2021. This statistic breaks down to 62 school districts and 26 colleges and...more
School districts must consider the sanctity and privacy of data they maintain, as a recent decision underscores from the New York State Education Department’s Office of the Chief Privacy Officer. This alert explains the...more
Higher education institutions have become all too familiar with the extraterritorial approach of international privacy laws. When the European Union’s General Data Protection Regulation (GDPR) went into effect in 2018, higher...more
Until now, companies primarily regulated by the Federal Trade Commission (FTC) were given only vague directives to implement systems sufficient to safeguard customer data, coupled with FTC “recommendations” as to best...more
The past 15 months have been extremely challenging for every industry, but that is especially true of educational institutions. Every level of education—from local school districts to the largest universities—has had to work...more
Attend SCCE’s annual conference for those who manage compliance at higher education institutions. Learn best practices and strategies, ask questions of the speakers, and share ideas with other attendees. The 2021 virtual...more
As colleges and universities know, higher education institutions have a duty to protect the confidentiality of student records, codified in the Family Educational Rights and Privacy Act (“FERPA”), 20 U.S.C. § 1232g. When...more
The FBI recently issued a Flash alert warning higher education institutions, k-12 schools, and seminaries about increasing numbers of ransomware attacks affecting the education industry....more