Education and GDPR - Information Management Today

Three Italian universities hacked by LulzSec_ITA collective

Security Affairs

FEBRUARY 13, 2020

The hacktivists claim that once hacked the universities did not disclose the data breach and attempted to hide the incident, violating the European Privacy Law GDPR. GDPR #LulzSecITA #Università #Hacked — LulzSecITA (@LulzSec_ITA) February 10, 2020. Dato che sui social e siti web non si trova nulla.

Data breaches

Data breaches GDPR Education Passwords

Data breaches grow across UK education sector

IT Governance

NOVEMBER 29, 2018

A recent freedom of information request by chartered accountants UHY Hacker Young reveals a worrying rise in reported data breaches across the UK education sector. The post Data breaches grow across UK education sector appeared first on IT Governance Blog. Find out more about the scheme and IT Governance’s certification options here.

Education

Education Data breaches GDPR Government

Exploiting GDPR to Get Private Information

Schneier on Security

AUGUST 13, 2019

A researcher abused the GDPR to get information on his fiancee: It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR) , which came into force in May 2018. Generally if it was an extremely large company -- especially tech ones -- they tended to do really well," he told the BBC.

GDPR

GDPR Education Compliance IT

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

British Council exposed 144,000 files containing student details?

Security Affairs

FEBRUARY 1, 2022

The British Council is a British organisation specialising in international cultural and educational opportunities. It operates in over 100 countries: promoting a wider knowledge of the United Kingdom and the English language; encouraging cultural, scientific, technological and educational co-operation with the United Kingdom.

Education

Education Phishing GDPR Passwords

IT Governance Podcast 2023-1: more ransomware attacks on the education sector, and DPC and Meta sued

IT Governance

JANUARY 13, 2023

This week, we discuss a series of ransomware attacks on 30 schools and colleges in the UK, legal action against both Meta and the Irish Data Protection Commission following last year’s massive Facebook GDPR fine, and the third stage of a cyber-defence-in-depth strategy: management.

Education

Education Ransomware Government GDPR

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Srivatsav Ravi Srivatsav , CEO, DataKrypto Non-compliance with regulations, such as the European Unions General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), risks severe penalties. Government initiatives and awareness campaigns will educate users on phishing and malware threats.

Compliance

Compliance Cybersecurity Risk Privacy

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant.

GDPR

GDPR Privacy Personal data Retail

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Hunton Privacy

JULY 1, 2020

The Italian Data Protection Authority ( Garante per la protezione dei dati personali , “Garante”) recently announced that it levied a €600,000 fine on banking institution UniCredit for several violations of the Italian Personal Data Protection Code, in its pre-General Data Protection Regulation (“GDPR”) form.

Data breaches

Data breaches GDPR Personal data Education

Government surveying further education providers before Brexit

IT Governance

SEPTEMBER 24, 2019

Among the uncertainty surrounding GDPR (General Data Protection Regulation) compliance – particularly with Brexit complicating things – the UK government has been a reliable source for advice. The GDPR and Brexit. Meanwhile, IT Governance has a wide selection of tools and services to help the education sector meet its requirements.

Education

Education Government GDPR Personal data

GDPR One Year Anniversary: What We’ve Learned So Far

Thales Cloud Protection & Licensing

JUNE 4, 2019

On May 25, the European Union celebrated the first anniversary of the enforcement of the General Data Protection Regulation (GDPR) , the most important change in data privacy regulations in the last decade, designed to restructure the way in which personal data is handled across every sector (public or private) and every industry.

GDPR

GDPR Data Privacy Compliance Privacy

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Security Affairs

FEBRUARY 24, 2020

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. The APT41 has been active since at least 2012, it was involved in both state-sponsored espionage campaigns and financially-motivated attacks since 2014. ” continues the report.

Data breaches

Data breaches GDPR Education Cybersecurity

Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns

Security Affairs

APRIL 1, 2023

If the company will fail to notify Italy’s data protection agency it will be fined up to EUR 20 million or 4% of the total worldwide annual turnover in compliance to the General Data Protection Regulation (GDPR). We are also temporarily pausing subscription renewals in Italy so that users won't be charged while ChatGPT is suspended.

Privacy

Privacy Personal data GDPR Compliance

GDPR: How the definition of personal data has changed

IT Governance

APRIL 10, 2019

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. DPO as a service (GDPR). This blog has been updated to reflect industry updates.

Personal data

Personal data GDPR Education Government

Is your school GDPR-compliant? Use our checklist to find out

IT Governance

MARCH 28, 2019

At the recent ASCL (Association of School and College Leaders) conference , a guest said to us: “The GDPR ? Granted, 2018 was very much ‘the year of the GDPR’ in some circles. GDPR compliance in schools. Schools have a particularly hard time of it when it comes to the GDPR. Want help tracking your GDPR compliance?

GDPR

GDPR Compliance Data breaches Personal data

Sign up for the new education sector email updates

IT Governance

AUGUST 2, 2018

To support the wider education sector with data protection and cyber security, we are launching a sector specific email newsletter and blog series. To sign-up, send us ideas of what you would like us to cover or questions for us to answer, please leave complete this form and choose education as your sector. How to sign up.

Education

Education GDPR Data breaches Government

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Meanwhile, although the specifics of Brexit are still unclear, one thing is certain: whatever happens, UK-based organisations will be subject to the GDPR’s requirements.

GDPR

GDPR Compliance Personal data Access

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

In addition to data subjects’ rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability and to object, the EU’s GDPR (General Data Protection Regulation) sets out requirements relating to automated individual decision-making, including profiling. What is profiling under the GDPR?

GDPR

GDPR Personal data Compliance Financial Services

Global CRM Provider Exposed Millions of Clients’ Files Online

Security Affairs

OCTOBER 5, 2023

One folder specifically belonging to a managed educational platform that provides educational and school management services was removed from public access the same day. The relevant company directors and gdpr officers have been notified, by the development manager”.

Data breaches

Data breaches B2B Education Access

Department for Education’s handling of pupil data ruled illegal

The Guardian Data Protection

OCTOBER 7, 2020

Data watchdog finds ministry broke GDPR by mishandling national database for England The Department for Education broke the law in its mishandling of the national database containing details of every school pupil in England, the Information Commissioner’s Office has concluded in a highly critical report.

Education

Education GDPR Privacy IT

Why is the GDPR still something I should be concerned about?

IT Governance

OCTOBER 15, 2018

The EU’s GDPR (General Data Protection Regulation) superseded all laws based on the EU’s Data Protection Directive, including the UK’s Data Protection Act 1998, on 25 May 2018. Some organisations believe that a simple privacy notice is all that is required, but the GDPR actually demands far more than that. . GDPR complexities .

GDPR

GDPR Data breaches Personal data Data collection

More than half of schools not compliant with the GDPR

IT Governance

MAY 2, 2019

In a recent survey from edtech giant RM Learning and Trend Micro , 14% of respondents also admitted to not having a clear plan to become compliant with the GDPR (General Data Protection Regulation). Easy steps to reduce the risks and demonstrate GDPR compliance. Mandatory breach recording and reporting. The GDPR.co.uk The GDPR.co.uk

GDPR

GDPR Data breaches Compliance Phishing

How the CCPA and GDPR Are Different

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR

GDPR Privacy Personal data Passwords

Experts warn of scanning activity for critical SAP SolMan flaw after the release of exploit

Security Affairs

JANUARY 21, 2021

Last week, Dmitry Chastuhin released a PoC exploit code for CVE-2020-6207 for educational purposes. RCE PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager) [link] pic.twitter.com/enoqzKEVTv — Dmitry Chastuhin (@_chipik) January 14, 2021.

Authentication

Authentication Compliance GDPR Risk

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Security Affairs

JUNE 1, 2021

On their landing page, there is a catchy reference to GDPR regulations: “ The GDPR at Article 33 requires that, in the event of a personal data breach, data controllers should notify the appropriate supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it.

Ransomware

Ransomware Sales Government GDPR

Belgian Privacy Commission Issues Guidance on Data Protection Impact Assessments Under the GDPR

Data Matters

APRIL 5, 2018

On 28 February 2018, the Belgian Commission for the Protection of Privacy (the “Privacy Commission”) published a recommendation setting out its approach to Data Protection Impact Assessments (“DPIAs”), and in doing so published a “White List” and a “Black List” of processing operations, pursuant to the General Data Protection Regulation (“GDPR”).

GDPR

GDPR Privacy Personal data Education

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

In that case, you must abide by the General Data Protection Regulation (GDPR), which imposes fines on some activities that are perfectly legal in the U.S. For instance, if you have employees in China and the EU, you’ll have to obtain Chinese government approval to provide data from China to EU authorities enforcing the GDPR.

Communications

Communications Cybersecurity GDPR Risk

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. The GDPR concerns personal data that is: Collected in an enterprise context; and. Some began to lose faith.

GDPR

GDPR Compliance Personal data Data breaches

The GDPR: A year in review

IT Governance

MAY 23, 2019

A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. In the first half of 2018, it was practically impossible to avoid news stories about the GDPR, the majority of which focused on the potential for hefty administrative fines for non-compliance.

GDPR

GDPR Data breaches Compliance Retail

Five Steps to Win the Battle Against Information Chaos in 2021

AIIM

APRIL 15, 2021

You can have some great, fantastic ideas about what you want to do with information, but you need to be able to educate everyone up and down the stack about what you are planning. Is there a major regulatory drive like GDPR, PII, or CCPA in your organization? Step 1: Recognize that Change Management Isn't Just for Frontline Workers.

Education

Education Records Management GDPR Risk

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation.

GDPR

GDPR Compliance Security awareness Education

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation.

GDPR

GDPR Compliance Security awareness Education

3 tips for successful GDPR staff training

IT Governance

NOVEMBER 21, 2017

Staff awareness should be a major concern for organisations looking to comply with the EU General Data Protection Regulation (GDPR). However, our 2017 GDPR Report found that less than 10% of organisations have provided GDPR staff awareness training to all employees. Why implement a GDPR staff awareness training programme?

GDPR

GDPR Compliance Education Data breaches

Are your staff GDPR trained? Find out what you need to do

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. That’s hardly a surprise, given how few resources organisations dedicate to educating their staff on how to handle sensitive information. Staff training under the GDPR.

GDPR

GDPR Information Security Government Data breaches

Are your staff GDPR trained? Find out what you need to do

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. That’s hardly a surprise, given how few resources organisations dedicate to educating their staff on how to handle sensitive information. Staff training under the GDPR.

GDPR

GDPR Information Security Government Data breaches

Only 25% of UK law firms are prepared for the GDPR

IT Governance

NOVEMBER 20, 2017

A recent report from CenturyLink has highlighted a lack of preparation among UK law firms for the upcoming EU General Data Protection (GDPR) compliance deadline. The report questioned more than 150 legal sector IT decision makers in the UK and discovered that only 25% believe they are currently compliant with the GDPR.

GDPR

GDPR Compliance Data breaches Paper

The GDPR has arrived – are you compliant?

IT Governance

JUNE 14, 2018

The EU General Data Protection Regulation (GDPR) has been in effect for almost three weeks now – are you compliant, are you still working towards compliance or are you unsure of where to start? Register for our free webinars to find out how you can get started with your GDPR compliance project. Upcoming webinars. Quick wins.

GDPR

GDPR Compliance Education Risk

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

News alert: INE Security advisory: The steep cost of neglecting cybersecurity training

The Last Watchdog

AUGUST 20, 2024

Non-compliance with frameworks such as GDPR in Europe or HIPAA in the United States can result in substantial fines. Protection through education Cybersecurity training empowers employees by educating them about the risks associated with cyber threats and the methods by which these threats can infiltrate an organization.

Cybersecurity

Cybersecurity Security Education Compliance

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

If you are a European citizen, contact the company that needs your private information and ask them what kind of measures they implemented to comply with GDPR laws. Make sure to send only the necessary information they need and ask them what kind of security measures they are taking to keep your private data private.

Data breaches

Data breaches Insurance Paper Access

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR). Are your staff aware of the GDPR? Key findings. Don’t let your staff be your downfall.

GDPR

GDPR Government Education Compliance

Universities across the UK and North America confirm cyber attack

IT Governance

JULY 28, 2020

Blackbaud, which provides education administration, fundraising and financial management software, was infected with ransomware, giving cyber criminals access to a wealth of sensitive information. At least eight educational institutions in the US and Canada were also affected, as well as several charities on both sides of the Atlantic.

GDPR

GDPR Education Ransomware Data breaches

Spanish Senate signs-off new GDPR-compliant Data Protection Act

DLA Piper Privacy Matters

NOVEMBER 21, 2018

After a very long delay and amidst rumors that the Spanish Parliament could be dissolved and early elections called, the Spanish Senate speedily dismissed all the proposals for further changes and approved the new GDPR-compliant Spanish Data Protection Act on Wednesday 21 November 2018.

GDPR

GDPR Personal data Access Education

We Finally Have Our First Big GDPR Fine: Data Privacy Trends

eDiscovery Daily

JANUARY 22, 2019

As covered in Fortune ( France Fines Google $57 Million For GDPR Violations , written by Emily Price), France’s data protection regulator, the Commission nationale de l’informatique et des libertés (CNIL), has issued a €50 million fine (about $56.8 million ) fine to Google for failing to comply with GDPR. So, what do you think?

GDPR

GDPR Data Privacy Privacy Education

Victims of Blackbaud ransomware attack to take legal action

IT Governance

SEPTEMBER 24, 2020

Blackbaud, which provides education administration, fundraising and financial management support, was attacked earlier this year, with cyber criminals accessing victims’: Names; Dates of birth; Addresses; Phone numbers; Email addresses; Donation history; and Events that individuals attended. Do they have a case? they have suffered distress).

Ransomware

Ransomware Data breaches Education GDPR

Three Italian universities hacked by LulzSec_ITA collective

Data breaches grow across UK education sector

Webinars

Trending Sources

Exploiting GDPR to Get Private Information

Webinars

British Council exposed 144,000 files containing student details?

IT Governance Podcast 2023-1: more ransomware attacks on the education sector, and DPC and Meta sued

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Does your use of CCTV comply with the GDPR?

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Government surveying further education providers before Brexit

GDPR One Year Anniversary: What We’ve Learned So Far

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns

GDPR: How the definition of personal data has changed

Is your school GDPR-compliant? Use our checklist to find out

Sign up for the new education sector email updates

7 steps to highly effective GDPR compliance

GDPR automated decision-making and profiling: what are the requirements?

Global CRM Provider Exposed Millions of Clients’ Files Online

Department for Education’s handling of pupil data ruled illegal

Why is the GDPR still something I should be concerned about?

More than half of schools not compliant with the GDPR

How the CCPA and GDPR Are Different

Experts warn of scanning activity for critical SAP SolMan flaw after the release of exploit

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Belgian Privacy Commission Issues Guidance on Data Protection Impact Assessments Under the GDPR

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

Wake up to the reality of the GDPR: What you need to know about compliance

The GDPR: A year in review

Five Steps to Win the Battle Against Information Chaos in 2021

How to implement a GDPR staff awareness training programme

How to implement a GDPR staff awareness training programme

3 tips for successful GDPR staff training

Are your staff GDPR trained? Find out what you need to do

Are your staff GDPR trained? Find out what you need to do

Only 25% of UK law firms are prepared for the GDPR

The GDPR has arrived – are you compliant?

Security Compliance & Data Privacy Regulations

News alert: INE Security advisory: The steep cost of neglecting cybersecurity training

Data Breach: Turkish legal advising company exposed over 15,000 clients

Government survey reveals GDPR awareness is falling short

Universities across the UK and North America confirm cyber attack

Spanish Senate signs-off new GDPR-compliant Data Protection Act

We Finally Have Our First Big GDPR Fine: Data Privacy Trends

Victims of Blackbaud ransomware attack to take legal action

Stay Connected