Houston founders: How safe is your company's data?

guest column

Stay informed and regularly check your security procedures to protect yourself, your business, and your customers. Photo via Getty Images

As news comes out every week about new technologies, from new crypto wallets to generative AI to self-driving taxis, it can get overwhelming for most of us to keep up or to understand the new intricacies of technology, and it can get easy to say, “The IT department has it covered.” Well, do they have it covered?

Far too often, companies fail to protect its data with the same muster as its financial security until it is too late. Just as a healthy business will regularly conduct audits of its accounting processes to detect potential fraud, ensure regulatory compliance, and locate areas of improvement for the organization, the same should be done for a business’s data security practices. Key components of any organization are its people and its information, and the IT department is in charge of protecting that information.

We as business people need to ensure that the company’s technology personnel are indeed securing one of the company’s most valuable assets: information.

Big picture: Your business needs to follow an audit process

  1. Confirm the scope of your data
  2. Conduct an internal review of all security practices
  3. Conduct a review of all vendor practices that have access to your data
  4. Confirm compliance with regulations and contractual obligations
  5. Prepare a report with detailed findings and recommendations to improve on year-over-year

Data: What do you have and what duties does it require?

Personal information, particularly when it belongs to customers, is the most frequently compromised type of data. Under laws like the newly passed Texas Data Privacy and Security Act (TDPSA), businesses can have additional obligations to keep this information protected. Personal information can include any information “that is linked or reasonably linkable to an identified or identifiable individual.”

Sensitive data also requires extra precaution, which means protecting (1) personal data that reveals racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; (2) genetic or biometric data that is processed for the purpose of uniquely identifying an individual; (3) personal data collected from a known child; or (4) precise geolocation data.

Other types of data to watch out for include the business’s intellectual property, anonymized customer data, employee personal information, and any other type of proprietary business data. Depending on the industry, the cost of a breach of any of these types of data could be incredibly high, particularly for healthcare and finance.

Ultimately, Texas businesses are required to maintain reasonable procedures to protect personal information, and there may be other laws implicated such as HIPAA, GLBA, CCPA/CPRA, BIPA, GDPR, PIPEDA, and many more, depending on where business is done, the industry implicated, and, in some cases, where customers are located.

"But I think the vendor is responsible."

Check your contracts, and check if the law requires you to have a duty to protect the compromised information, as many do. Involve your IT department in the review of technical compliance whenever you are sharing data with a third party. Further, it is important to make sure that however the Data Processing Addendum says the vendor is processing data is how they are actually processing data. To that point, if you are processing someone else’s data, your business also needs to be doing what it says it is doing, in contracts with third parties and in your Privacy Policy.

Software as a service arrangements, end user license agreements, and other internet and software-based services may require you to hand over data and not give you the opportunity to customize and shift risk. This is why it is important to thoroughly evaluate what technical protections are in place because the risk and duty may still fall on your business regarding the data of your customers and employees. Ask yourself (or your IT professionals) if the vendor actually needs the data they receive to provide services to you.

Key takeaway: Stay informed

Your business needs checks and balances in place with the IT department to ensure you know what they are (or are not) doing and what they are supposed to do. You need policies and procedures, and they need to regularly be tested.

Do you know where your data is stored, both internally and with third parties? Who controls it? How is it being processed, and is anything being shared? Are encryption procedures in place? Firewalls, Intrusion Protection Systems, and End-Point Detection and Response? Do you and your vendors have Incident Response Plans? Stay informed and regularly check your security procedures to protect yourself, your business, and your customers.

------

Courtney Gahm-Oldham is partner at Frost Brown Todd. Lauren Cole is associate at Frost Brown Todd.

From Your Site Articles
Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Property Showcase

Houston wearable biosensing company closes $13M pre-IPO round

fresh funding

Wellysis, a Seoul, South Korea-headquartered wearable biosensing company with its U.S. subsidiary based in Houston, has closed a $13.5 million pre-IPO funding round and plans to expand its Texas operations.

The round was led by Korea Investment Partners, Kyobo Life Insurance, Kyobo Securities, Kolon Investment and a co-general partner fund backed by SBI Investment and Samsung Securities, according to a news release.

Wellysis reports that the latest round brings its total capital raised to about $30 million. The company is working toward a Korea Securities Dealers Automated Quotations listing in Q4 2026 or Q1 2027.

Wellysis is known for its continuous ECG/EKG monitor with AI reporting. Its lightweight and waterproof S-Patch cardiac monitor is designed for extended testing periods of up to 14 days on a single battery charge.

The company says that the funding will go toward commercializing the next generation of the S-Patch, known as the S-Patch MX, which will be able to capture more than 30 biometric signals, including ECG, temperature and body composition.

Wellysis also reports that it will use the funding to expand its Houston-based operations, specifically in its commercial, clinical and customer success teams.

Additionally, the company plans to accelerate the product development of two other biometric products:

  • CardioAI, an AI-powered diagnostic software platform designed to support clinical interpretation, workflow efficiency and scalable cardiac analysis
  • BioArmour, a non-medical biometric monitoring solution for the sports, public safety and defense sectors

“This pre-IPO round validates both our technology and our readiness to scale globally,” Young Juhn, CEO of Wellysis, said in the release. “With FDA-cleared solutions, expanding U.S. operations, and a strong AI roadmap, Wellysis is positioned to redefine how cardiac data is captured, interpreted, and acted upon across healthcare systems worldwide.”

Wellysis was founded in 2019 as a spinoff of Samsung. Its S-Patch runs off of a Samsung Smart Health Processor. The company's U.S. subsidiary, Wellysis USA Inc., was established in Houston in 2023 and was a resident of JLABS@TMC.

Elon Musk vows to launch solar-powered data centers in space

To Outer Space

Elon Musk vowed this week to upend another industry just as he did with cars and rockets — and once again he's taking on long odds.

The world's richest man said he wants to put as many as a million satellites into orbit to form vast, solar-powered data centers in space — a move to allow expanded use of artificial intelligence and chatbots without triggering blackouts and sending utility bills soaring.

To finance that effort, Musk combined SpaceX with his AI business on Monday, February 2, and plans a big initial public offering of the combined company.

“Space-based AI is obviously the only way to scale,” Musk wrote on SpaceX’s website, adding about his solar ambitions, “It’s always sunny in space!”

But scientists and industry experts say even Musk — who outsmarted Detroit to turn Tesla into the world’s most valuable automaker — faces formidable technical, financial and environmental obstacles.

Feeling the heat

Capturing the sun’s energy from space to run chatbots and other AI tools would ease pressure on power grids and cut demand for sprawling computing warehouses that are consuming farms and forests and vast amounts of water to cool.

But space presents its own set of problems.

Data centers generate enormous heat. Space seems to offer a solution because it is cold. But it is also a vacuum, trapping heat inside objects in the same way that a Thermos keeps coffee hot using double walls with no air between them.

“An uncooled computer chip in space would overheat and melt much faster than one on Earth,” said Josep Jornet, a computer and electrical engineering professor at Northeastern University.

One fix is to build giant radiator panels that glow in infrared light to push the heat “out into the dark void,” says Jornet, noting that the technology has worked on a small scale, including on the International Space Station. But for Musk's data centers, he says, it would require an array of “massive, fragile structures that have never been built before.”

Floating debris

Then there is space junk.

A single malfunctioning satellite breaking down or losing orbit could trigger a cascade of collisions, potentially disrupting emergency communications, weather forecasting and other services.

Musk noted in a recent regulatory filing that he has had only one “low-velocity debris generating event" in seven years running Starlink, his satellite communications network. Starlink has operated about 10,000 satellites — but that's a fraction of the million or so he now plans to put in space.

“We could reach a tipping point where the chance of collision is going to be too great," said University at Buffalo's John Crassidis, a former NASA engineer. “And these objects are going fast -- 17,500 miles per hour. There could be very violent collisions."

No repair crews

Even without collisions, satellites fail, chips degrade, parts break.

Special GPU graphics chips used by AI companies, for instance, can become damaged and need to be replaced.

“On Earth, what you would do is send someone down to the data center," said Baiju Bhatt, CEO of Aetherflux, a space-based solar energy company. "You replace the server, you replace the GPU, you’d do some surgery on that thing and you’d slide it back in.”

But no such repair crew exists in orbit, and those GPUs in space could get damaged due to their exposure to high-energy particles from the sun.

Bhatt says one workaround is to overprovision the satellite with extra chips to replace the ones that fail. But that’s an expensive proposition given they are likely to cost tens of thousands of dollars each, and current Starlink satellites only have a lifespan of about five years.

Competition — and leverage

Musk is not alone trying to solve these problems.

A company in Redmond, Washington, called Starcloud, launched a satellite in November carrying a single Nvidia-made AI computer chip to test out how it would fare in space. Google is exploring orbital data centers in a venture it calls Project Suncatcher. And Jeff Bezos’ Blue Origin announced plans in January for a constellation of more than 5,000 satellites to start launching late next year, though its focus has been more on communications than AI.

Still, Musk has an edge: He's got rockets.

Starcloud had to use one of his Falcon rockets to put its chip in space last year. Aetherflux plans to send a set of chips it calls a Galactic Brain to space on a SpaceX rocket later this year. And Google may also need to turn to Musk to get its first two planned prototype satellites off the ground by early next year.

Pierre Lionnet, a research director at the trade association Eurospace, says Musk routinely charges rivals far more than he charges himself —- as much as $20,000 per kilo of payload versus $2,000 internally.

He said Musk’s announcements this week signal that he plans to use that advantage to win this new space race.

“When he says we are going to put these data centers in space, it’s a way of telling the others we will keep these low launch costs for myself,” said Lionnet. “It’s a kind of powerplay.”

Johnson Space Center and UT partner to expand research, workforce development

onward and upward

NASA’s Johnson Space Center in Houston has forged a partnership with the University of Texas System to expand collaboration on research, workforce development and education that supports space exploration and national security.

“It’s an exciting time for the UT System and NASA to come together in new ways because Texas is at the epicenter of America’s space future. It’s an area where America is dominant, and we are committed as a university system to maintaining and growing that dominance,” Dr. John Zerwas, chancellor of the UT System, said in a news release.

Vanessa Wyche, director of Johnson Space Center, added that the partnership with the UT System “will enable us to meet our nation’s exploration goals and advance the future of space exploration.”

The news release noted that UT Health Houston and the UT Medical Branch in Galveston already collaborate with NASA. The UT Medical Branch’s aerospace medicine residency program and UT Health Houston’s space medicine program train NASA astronauts.

“We’re living through a unique moment where aerospace innovation, national security, economic transformation, and scientific discovery are converging like never before in Texas," Zerwas said. “UT institutions are uniquely positioned to partner with NASA in building a stronger and safer Texas.”

Zerwas became chancellor of the UT System in 2025. He joined the system in 2019 as executive vice chancellor for health affairs. Zerwas represented northwestern Ford Bend County in the Texas House from 2007 to 2019.

In 1996, he co-founded a Houston-area medical practice that became part of US Anesthesia Partners in 2012. He remained active in the practice until joining the UT System. Zerwas was chief medical officer of the Memorial Hermann Hospital System from 2003 to 2008 and was its chief physician integration officer until 2009.

Zerwas, a 1973 graduate of the Houston area’s Bellaire High School, is an alumnus of the University of Houston and Baylor College of Medicine.

View All Listings