Houston founders: How safe is your company's data?

guest column

Stay informed and regularly check your security procedures to protect yourself, your business, and your customers. Photo via Getty Images

As news comes out every week about new technologies, from new crypto wallets to generative AI to self-driving taxis, it can get overwhelming for most of us to keep up or to understand the new intricacies of technology, and it can get easy to say, “The IT department has it covered.” Well, do they have it covered?

Far too often, companies fail to protect its data with the same muster as its financial security until it is too late. Just as a healthy business will regularly conduct audits of its accounting processes to detect potential fraud, ensure regulatory compliance, and locate areas of improvement for the organization, the same should be done for a business’s data security practices. Key components of any organization are its people and its information, and the IT department is in charge of protecting that information.

We as business people need to ensure that the company’s technology personnel are indeed securing one of the company’s most valuable assets: information.

Big picture: Your business needs to follow an audit process

  1. Confirm the scope of your data
  2. Conduct an internal review of all security practices
  3. Conduct a review of all vendor practices that have access to your data
  4. Confirm compliance with regulations and contractual obligations
  5. Prepare a report with detailed findings and recommendations to improve on year-over-year

Data: What do you have and what duties does it require?

Personal information, particularly when it belongs to customers, is the most frequently compromised type of data. Under laws like the newly passed Texas Data Privacy and Security Act (TDPSA), businesses can have additional obligations to keep this information protected. Personal information can include any information “that is linked or reasonably linkable to an identified or identifiable individual.”

Sensitive data also requires extra precaution, which means protecting (1) personal data that reveals racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; (2) genetic or biometric data that is processed for the purpose of uniquely identifying an individual; (3) personal data collected from a known child; or (4) precise geolocation data.

Other types of data to watch out for include the business’s intellectual property, anonymized customer data, employee personal information, and any other type of proprietary business data. Depending on the industry, the cost of a breach of any of these types of data could be incredibly high, particularly for healthcare and finance.

Ultimately, Texas businesses are required to maintain reasonable procedures to protect personal information, and there may be other laws implicated such as HIPAA, GLBA, CCPA/CPRA, BIPA, GDPR, PIPEDA, and many more, depending on where business is done, the industry implicated, and, in some cases, where customers are located.

"But I think the vendor is responsible."

Check your contracts, and check if the law requires you to have a duty to protect the compromised information, as many do. Involve your IT department in the review of technical compliance whenever you are sharing data with a third party. Further, it is important to make sure that however the Data Processing Addendum says the vendor is processing data is how they are actually processing data. To that point, if you are processing someone else’s data, your business also needs to be doing what it says it is doing, in contracts with third parties and in your Privacy Policy.

Software as a service arrangements, end user license agreements, and other internet and software-based services may require you to hand over data and not give you the opportunity to customize and shift risk. This is why it is important to thoroughly evaluate what technical protections are in place because the risk and duty may still fall on your business regarding the data of your customers and employees. Ask yourself (or your IT professionals) if the vendor actually needs the data they receive to provide services to you.

Key takeaway: Stay informed

Your business needs checks and balances in place with the IT department to ensure you know what they are (or are not) doing and what they are supposed to do. You need policies and procedures, and they need to regularly be tested.

Do you know where your data is stored, both internally and with third parties? Who controls it? How is it being processed, and is anything being shared? Are encryption procedures in place? Firewalls, Intrusion Protection Systems, and End-Point Detection and Response? Do you and your vendors have Incident Response Plans? Stay informed and regularly check your security procedures to protect yourself, your business, and your customers.

------

Courtney Gahm-Oldham is partner at Frost Brown Todd. Lauren Cole is associate at Frost Brown Todd.

From Your Site Articles
Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Property Showcase

Houston team uses CPRIT funding to develop nanodrug for cancer immunotherapy

cancer research

With a relative five-year survival rate of 50 percent, pancreatic cancer is a diagnosis nobody wants. At 60 percent, the prognosis for lung cancer isn’t much rosier. That’s because both cancers contain regulatory B cells (Bregs), which block the body’s natural immunity, making it harder to fight the enemies within.

Newly popular immunotherapies in a category known as STING agonists may stimulate natural cancer defenses. However, they can also increase Bregs while simultaneously causing significant side effects. But Wei Gao, assistant professor of pharmacology at the University of Houston College of Pharmacy, may have a solution to that conundrum.

Gao and her team have developed Nano-273, a dual-function drug, packaged in an albumin-based particle, that boosts the immune system to help it better fight pancreatic and lung cancers. Gao’s lab recently received a $900,000 grant from the Cancer Prevention and Research Institute of Texas (CPRIT) to aid in fueling her research into the nanodrug.

“Nano-273 both activates STING and blocks PI3Kγ—a pathway that drives Breg expansion, while albumin nanoparticles help deliver the drug directly to immune cells, reducing unwanted side effects,” Gao said in a press release. “This approach reduces harmful Bregs while boosting immune cells that attack cancer, leading to stronger and more targeted anti-tumor responses.”

In studies using models of both pancreatic and lung cancers, Nano-273 has shown great promise with low toxicity. Its best results thus far have involved using the drug in combination with immunotherapy or chemotherapy.

With the CPRIT funds, Gao and her team will be able to charge closer to clinical use with a series of important steps. Those include continuing to test Nano-273 alongside other drugs, including immune checkpoint inhibitors. Safety studies will follow, but with future patients in mind, Gao will also work toward improving her drug’s production, making sure that it’s safe and high-quality every time, so that it is eventually ready for trials.

Gao added: “If successful, this project could lead to a new type of immunotherapy that offers lasting tumor control and improved survival for patients with pancreatic and lung cancers, two diseases that urgently need better treatments."

Houston booms as No. 2 U.S. metro for new home construction

Construction Boom

Driven by population growth, more residential rooftops are popping up across Houston and the rest of Texas than anywhere else in America.

Using data from the U.S. Census Bureau and Zillow, Construction Coverage found 65,747 new residential units were authorized in greater Houston in 2024. That figure landed Houston in second place among major metro areas for the total number of housing permits, including those for single-family homes, apartments, and condos.

Just ahead of Houston was the Dallas-Fort Worth Metroplex, which took first place with 71,788 residential permits approved in 2024. In third place was the country’s largest metro, New York City (57,929 permits).Elsewhere in Texas, the Austin metro ranked sixth (32,294 permits), and the San Antonio metro ranked 20th (14,857 permits).

Construction Coverage also sorted major metro areas based on the number of new housing units authorized per 1,000 existing homes in 2024. Raleigh, North Carolina, held the No. 1 spot (28.8 permits per 1,000 existing homes), followed by Austin at No. 2 (28.6), DFW at No. 3 (22.2), Houston at No. 4 (21.6), and San Antonio at No. 13 (13.6).

A Newsweek analysis of Census Bureau data shows building permits for 225,756 new residential units were approved in 2024 in Texas — a trend fueled largely by activity in DFW, Houston, Austin, and San Antonio. That put Texas atop the list of states building the most residential units for the year.

Through the first eight months of last year, 145,901 permits for new residential units were approved in Texas, according to Census Bureau data. That’s nearly 80,000 permits shy of the 2024 total.

Among the states, Construction Coverage ranks Texas sixth for the number of residential building permits approved in 2024 per 1,000 existing homes (17.9).

Extra housing is being built in Texas to meet demand spurred by population growth. From April 2020 to July 2024, the state’s population increased 7.3 percent, the Census Bureau says.

While builders are busy constructing new housing in Texas, they’re not necessarily profiting a lot from homebuilding activity.

“Market conditions remain challenging, with two-thirds of builders reporting they are offering incentives to move buyers off the fence,” North Carolina homebuilder Buddy Hughes, chairman of the National Association of Home Builders, said in a December news release. “Meanwhile, builders are contending with rising material and labor prices, as tariffs are having serious repercussions on construction costs.”

5+ must-know application deadlines for Houston innovators

apply now

Editor's note: As 2026 ramps up, the Houston innovation scene is looking for the latest groups of innovative startups that'll make an impact. A number of accelerators and competitions have opened applications. Read below to see which might be a good fit for you or your venture. And take careful note of the deadlines. Please note: this article may be updated to include additional information and programs.

Did we miss an accelerator or competition accepting applications? Email innoeditor@innovationmap.com for editorial consideration.

2026 HCC Business Plan Competition

Deadline: Jan. 26

Details: HCC’s annual Business Plan Competition (BPC) is an opportunity for proposed, startup and existing entrepreneurs to develop focused plans to start or grow their businesses. Accepted teams will be announced and training will begin in late February and run through early June, with six free, three-hour training sessions. Advising will be provided to each accepted team. Applicants can apply as a team of up to five persons. Finalists will present to to gudges on May 27, 2026. Last year, $26,000 was awarded in seed money to the top five teams. In-kind prizes were also awarded to all graduating teams including free products, services and memberships, with an estimated in-kind value totaling $147,000. Find more information here.

University of Houston Technology Bridge Innov8 Hub (Spring 2026)

Deadline: Jan . 30

Details: UHTB Innov8 Hub’s immersive, 12-week startup acceleration program designed to help early-stage founders launch and scale their technology startups. Selected participants will gain access to expert mentors and advisors, collaborate with a cohort of peers, and compete for cash prizes during our final pitch event. The cohort begins Feb. 16, 2026. The program culminates in Pitch Day, where participants present their ventures to an audience of investors and partners from across the UH innovation ecosystem. Find more information here.

Rice Business Plan Competition 2026

Deadline: Jan. 31

Details: The Rice Business Plan Competition, hosted by the Rice Alliance for Technology and Entrepreneurship, gives collegiate entrepreneurs real-world experience to pitch their startups, enhance their business strategy and learn what it takes to launch a successful company. Forty-two teams will compete for more than $1 million in cash, investments and prizes on April 9-11, 2026. Find more information here.

Rice Veterans Business Battle 2026

Deadline: Jan. 31

Details: The Rice Veterans Business Battle is one of the nation’s largest pitch competitions for veteran-led startups, providing founders with mentorship, exposure to investors and the opportunity to compete for non-dilutive cash prizes. The event has led to more than $10 million of investments since it began in 2015. Teams will compete April 8-9, 2026. Find more information here.

TEX-E Fellows Application 2026-2027

Deadline: Feb. 10

Details: The TEX‑E Fellowship is a hands-on program designed for students interested in energy, climate, and entrepreneurship across Texas. It connects participants with industry mentors, startup founders, investors and academic leaders while providing practical, "real-world" experience in customer discovery, business modeling, and energy-transition innovation. Fellows gain access to workshops, real-world projects, and a statewide network shaping the future of energy and climate solutions. Participants must be a student at PVAMU, UH, UT Austin, Rice University, MIT or Texas A&M. Find more information here.

2026 Energy Venture Day & Pitch Competition

Deadline: Feb. 13

Details: The Rice Alliance, the Houston Energy Transition Initiative (HETI) and TEX-E will present the annual Energy Venture Day and Pitch Competition during CERAWeek on March 24-25, 2026. Energy Venture Day features two days of presentations by energy tech ventures driving efficiency and advancements toward the energy transition. On March 24, the Pitch Preview at the Ion will feature over 50 companies presenting in front of Rice Alliance's robust network of investors and industry partners. On March 25, the Energy Venture Day and Pitch Competition during CERAWeek will showcase 36 ventures at the George R Brown Convention Center. The pitch competition is divided up into the TEX-E university track, in which Texas student-led energy startups compete for $50,000 in cash prizes, and the industry ventures track. The industry track is subdivided into three additional tracks, spanning materials to clean energy. The top three companies from each industry track will be named. The winner of the CERAWeek competition will also have the chance to advance and compete for the $1 million investment prize at the Startup World Cup. Find more information here.

Greentown Go Make 2026

Deadline: March 10

Details: Greentown Go Make 2026 is an open-innovation program with Shell and Technip Energies. The six-month program is advancing industrial decarbonization by accelerating catalytic innovations. Selected startups will gain access to a structured platform to engage leadership from Shell and Technip Energies and explore potential partnership outcomes, including pilots and demonstrations. They’ll also receive networking opportunities, partnership-focused programming, and marketing visibility throughout the program. The cohort will be selected in May. Find more information here.

View All Listings