PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

5 Things School Officials Must Know About Privacy

Video 5 Things School Officials Must Know About Privacy

by Daniel J. Solove I have produced a new short video called 5 Things School Officials Must Know About Privacy.  The video addresses the most important points that school officials should know when it comes to privacy. These points are: Protecting privacy involves much more than following FERPA. Just because software and services can do […]

Is Data Security Awareness Training Effective?

by Daniel J. Solove A recent article in CIO explores the question: Is data security awareness training effective? The answer: Yes. The article points to an ISACA study that seeks to measure the effectiveness of data security awareness training. The study concludes: “Security awareness training is a vital nontechnical component to information security. As such, […]

A List of Privacy Training and Data Security Training Requirements in Laws, Regulations, and Industry Codes

by Daniel J. Solove I was recently asked whether I had a list of the various laws, regulations, and industry codes that require privacy and/or data security training.  I know about a number of training requirements, but didn’t have a formal list.  I realized that such a list would be useful, so I created one […]

The Stunning Need for Improvement on Mobile and Cloud Risks

by Daniel J. Solove A recent study by the Ponemon Institute, The Risk of Regulated Data on Mobile Devices and in the Cloud*, reveals a stunning need for improvement on managing the risks of mobile devices and cloud computing services. The survey involved 798 IT and IT security practitioners in a variety of organizations including […]

Higher Education Needs Privacy Officers and Privacy/Security Training

In 2007, Seung Cho, a student at Virginia Tech, killed 32 students and faculty and wounded 17. He then committed suicide. One of the most troublesome things about this incident was that it might have been prevented if school officials and employees had a better grasp of privacy law. Appointed by the state governor, the […]

New Privacy Training Programs: US, EU, and Global Privacy Law

by Daniel J. Solove We have launched several new privacy training programs, including a series with brief introductions to privacy law.  We have completed a privacy training program about US Privacy Law with a video and interactive material / quiz questions.  And we just completed a training program about EU Privacy Law.  This program has […]

New Financial Privacy Training Programs

by Daniel J. Solove We have begun producing a new program series about financial privacy.  The first two programs are completed. The first part is an overview video that discusses the importance of financial privacy and the various laws and regulations that regulate.  These laws and regulations are discussed very broadly.  The video concludes with […]

HIPAA Turns 10: Analyzing the Past, Present, and Future Impact

by Daniel J. Solove In the April issue of the Journal of AHIMA, I authored two short pieces about HIPAA: HIPAA Turns 10: Analyzing the Past, Present, and Future Impact 84 Journal of AHIMA 22 (April 2013) HIPAA Mighty and Flawed: Regulation has Wide-Reaching Impact on the Healthcare Industry 84 Journal of AHIMA 30 (April […]

New Privacy by Design Training Video

I recently created this 2-minute comical cartoon vignette to teach about the importance of privacy and apps.  Far too often, apps are not designed with privacy in mind, and people install apps without considering the privacy implications. [Video no longer available online – please contact us if you’d like to see it] More About Apps and […]

Employer Social Media Policies: A Brave New World

Posted by Daniel J. Solove The frequent use of social media by employees has created a new domain of risk for employers – employees who reveal confidential or sensitive information or who otherwise say things that damage their institution’s reputation or create strife with their colleagues. For example, in the healthcare context, in a number […]