PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

The $500,000 Value of Data Security Awareness Training

by Daniel J. Solove It has long been difficult to quantify the ROI of data security awareness training. But finally, I have been able to locate a number. According to a 2014 PricewaterhouseCoopers study: “The financial value of employee awareness is even more compelling. Organizations that do not have security awareness programs—in particular, training for […]

The Privacy Pillory and the Security Rack: The Enforcement Toolkit

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #2 in a series called Enforcing Privacy and Security Laws. See the end of this post for links to other posts in this series. What kind of sanctions do privacy and security laws use for enforcement? In this post, […]

The Best Preventative Medicine for Health Data Breaches

by Daniel J. Solove Last week, I gave a keynote address at a conference called Safeguarding Health Information: Building Assurance through HIPAA Security, sponsored by the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR). I’d like to summarize my remarks here for […]

Why the C-Suite Should Have Coffee with the Privacy and Security Officers Every Week

  by Daniel J. Solove As I discussed in a previous post, the two key things that organizations can do to prevent data incidents can be summed up in a simple rhyme: The C-Suite must care The workforce must be aware In this post, I want to focus on the “C-Suite” – a term used […]

The 2 Essential Ways to Prevent Data Breaches

by Daniel J. Solove We’re in the midst of a crisis in data protection. Billions of passwords stolen. . . Mammoth data breaches. . . Increasing threats. . . Malicious hackers . . .

The Most Effective Factor in Education

by Daniel J. Solove I’ve been a teacher for the past 15 years, and I’ve taught in several mediums including live classes and computer-based e-learning. I have come to the conclusion that the most effective factor in education and training is fostering emotional investment. Simply put, students must care about learning the material. The more […]

Follow Professor Solove on Social Media

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed: Professor Solove’s LinkedIn Influencer blog You can follow Professor Solove on his blog at LinkedIn, where he is an “LinkedIn Influencer.”  He blogs about various privacy and data security issues. His blog has […]

A List of Privacy Training and Data Security Training Requirements in Laws, Regulations, and Industry Codes

by Daniel J. Solove I was recently asked whether I had a list of the various laws, regulations, and industry codes that require privacy and/or data security training.  I know about a number of training requirements, but didn’t have a formal list.  I realized that such a list would be useful, so I created one […]

Higher Education Needs Privacy Officers and Privacy/Security Training

In 2007, Seung Cho, a student at Virginia Tech, killed 32 students and faculty and wounded 17. He then committed suicide. One of the most troublesome things about this incident was that it might have been prevented if school officials and employees had a better grasp of privacy law. Appointed by the state governor, the […]

New Privacy Training Programs: US, EU, and Global Privacy Law

by Daniel J. Solove We have launched several new privacy training programs, including a series with brief introductions to privacy law.  We have completed a privacy training program about US Privacy Law with a video and interactive material / quiz questions.  And we just completed a training program about EU Privacy Law.  This program has […]