Houston founders: How safe is your company's data?

guest column

Stay informed and regularly check your security procedures to protect yourself, your business, and your customers. Photo via Getty Images

As news comes out every week about new technologies, from new crypto wallets to generative AI to self-driving taxis, it can get overwhelming for most of us to keep up or to understand the new intricacies of technology, and it can get easy to say, “The IT department has it covered.” Well, do they have it covered?

Far too often, companies fail to protect its data with the same muster as its financial security until it is too late. Just as a healthy business will regularly conduct audits of its accounting processes to detect potential fraud, ensure regulatory compliance, and locate areas of improvement for the organization, the same should be done for a business’s data security practices. Key components of any organization are its people and its information, and the IT department is in charge of protecting that information.

We as business people need to ensure that the company’s technology personnel are indeed securing one of the company’s most valuable assets: information.

Big picture: Your business needs to follow an audit process

  1. Confirm the scope of your data
  2. Conduct an internal review of all security practices
  3. Conduct a review of all vendor practices that have access to your data
  4. Confirm compliance with regulations and contractual obligations
  5. Prepare a report with detailed findings and recommendations to improve on year-over-year

Data: What do you have and what duties does it require?

Personal information, particularly when it belongs to customers, is the most frequently compromised type of data. Under laws like the newly passed Texas Data Privacy and Security Act (TDPSA), businesses can have additional obligations to keep this information protected. Personal information can include any information “that is linked or reasonably linkable to an identified or identifiable individual.”

Sensitive data also requires extra precaution, which means protecting (1) personal data that reveals racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; (2) genetic or biometric data that is processed for the purpose of uniquely identifying an individual; (3) personal data collected from a known child; or (4) precise geolocation data.

Other types of data to watch out for include the business’s intellectual property, anonymized customer data, employee personal information, and any other type of proprietary business data. Depending on the industry, the cost of a breach of any of these types of data could be incredibly high, particularly for healthcare and finance.

Ultimately, Texas businesses are required to maintain reasonable procedures to protect personal information, and there may be other laws implicated such as HIPAA, GLBA, CCPA/CPRA, BIPA, GDPR, PIPEDA, and many more, depending on where business is done, the industry implicated, and, in some cases, where customers are located.

"But I think the vendor is responsible."

Check your contracts, and check if the law requires you to have a duty to protect the compromised information, as many do. Involve your IT department in the review of technical compliance whenever you are sharing data with a third party. Further, it is important to make sure that however the Data Processing Addendum says the vendor is processing data is how they are actually processing data. To that point, if you are processing someone else’s data, your business also needs to be doing what it says it is doing, in contracts with third parties and in your Privacy Policy.

Software as a service arrangements, end user license agreements, and other internet and software-based services may require you to hand over data and not give you the opportunity to customize and shift risk. This is why it is important to thoroughly evaluate what technical protections are in place because the risk and duty may still fall on your business regarding the data of your customers and employees. Ask yourself (or your IT professionals) if the vendor actually needs the data they receive to provide services to you.

Key takeaway: Stay informed

Your business needs checks and balances in place with the IT department to ensure you know what they are (or are not) doing and what they are supposed to do. You need policies and procedures, and they need to regularly be tested.

Do you know where your data is stored, both internally and with third parties? Who controls it? How is it being processed, and is anything being shared? Are encryption procedures in place? Firewalls, Intrusion Protection Systems, and End-Point Detection and Response? Do you and your vendors have Incident Response Plans? Stay informed and regularly check your security procedures to protect yourself, your business, and your customers.

------

Courtney Gahm-Oldham is partner at Frost Brown Todd. Lauren Cole is associate at Frost Brown Todd.

From Your Site Articles
Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Property Showcase

8 can't-miss Houston business and innovation events for December

where to be

Editor's note: Houston’s innovation scene is loading up the calendar before the holidays. From climatetech pitch days to the return of favorite festive shindigs, here's what not to miss and how to register. Please note: this article may be updated to include additional event listings.

Dec. 3 — SouthWest-Midwest National Pediatric Device Innovation Consortium

This annual event brings together members, colleagues and guests of the FDA-supported pediatric consortium who are dedicated to assisting device innovators throughout the lifecycle in delivering innovative solutions to patients. Featured speakers include Dr. Danielle Gottlieb from Le Bonheur Children's Hospital, Balakrishna Haridas from Texas A&M University and Dr. Chester Koh from Texas Children’s Hospital.

This event is Wednesday, Dec. 3, from 3:30-8 p.m. at Texas A&M EnMed Tower. Register here.

Dec. 4 — Resiliency & Adaptation Sector Pitch Day: Scaling Solutions to Address Climate Disruption

Join innovators, industry leaders, investors and policymakers as they explore breakthrough climate and energy technologies at Greentown's latest installment of its Sector Pitch Day series, focused on resiliency and adaptation. Hear from Adrian Trömel, Chief Innovation Officer at Rice University; Eric Willman, Executive Director of the Rice WaTER Institute; pitches from 10 Greentown startups and more.

This event is Thursday, Dec. 4, from 1-3:30 p.m. at the Ion. The Ion Holiday Block Party follows. Register here.

Dec. 4 — The Ion District Holiday Block Party

The Ion District, Rice Alliance and Greentown Labs will celebrate the season during the Ion District Holiday Block Party. Expect to find local bites, drinks, music and meaningful connections across Houston’s innovation ecosystem. Guests are invited to participate in Operation Love’s holiday toy drive supporting local families.

This event is Thursday, Dec. 4, from 4-7 p.m. Register here.

Dec. 8 — Pumps & Pipes Annual Event 2025

The annual gathering brings together cross-industry leaders in aerospace, energy and medicine for engaging discussions and networking opportunities. Connor Grennan, Chief AI Architect at the NYU Stern School of Business, will present this year's keynote address, entitled "Practical Strategies to Increase Productivity." Other sessions will feature leaders from Cena Research Institute, NASA Ames Research Center, ExxonMobil, Southwest Airlines and more.

This event is Monday, Dec. 8, from 8 a.m.-5 p.m., at TMC Helix Park. Register here.

Dec. 9 — Jingle and Mingle

Don your ugliest sweater and snap a pic with Startup Santa! Bayou City Startups, Rocket Network, Founder Institute and Energytech Nexus are bringing back their popular Jingle Mingle for the third year. Network and celebrate with founders, community stakeholders and others in Houston's innovation scene. Donations to the Houston Food Bank are encouraged in place of tickets.

This event is Tuesday, Dec. 9, from 5-7 p.m., at the Solarium in Midtown. Register here.

Dec. 9 — European Innovation Spotlight

Celebrate European cooperation and innovation with the European Innovation Council during an exclusive demo night and networking event at Greentown Labs. Hear from 15 EIC-backed founders supported by the European Union with top-class climatetech technologies, listen to a fireside chat and engage in a networking event following the pitches.

This event is Tuesday, Dec. 9, from 4:30-7 p.m., at the Ion. Register here.

Dec. 9-10 — Energy LIVE

Energy LIVE is Reuters Events' flagship ConfEx that brings the full energy ecosystem together under one roof to solve the industry's most urgent commercial and operational challenges. The event will feature 3,000-plus senior executives across three strategic stages, a showcase of 75-plus exhibitors and six strategic content pillars.

This event is Dec. 9-10 at NRG Park. Register here.

Dec. 15 — Innov8 Hub Pitch Day

Hear pitches from members of the latest Innov8 Hub Innovators to Founders cohort, which empowers academic scientists and innovators to become successful startup founders. Meet and network with the founders over light bites and drinks at a reception following the pitch competition.

This event is Monday, Dec. 15, at the Innovation Center at UH Technology Bridge (Bldg. 4). Register here.

5 Houston suburbs among top places to retire and more innovation news

Trending Topics

Editor's note: It's time to look back on the top Houston innovation news in recent weeks. From Houston's most valuable startups right now to the top places to retire in 2026, here are the most-read InnovationMap stories from November 16-30:

1. U.S. News names 5 Houston suburbs as the best places to retire in 2026

The Woodlands is the No. 4 best place to retire. Photo courtesy of Visit The Woodlands

Houston-area suburbs should be on the lookout for an influx of retirees in 2026. A new study by U.S. News and World Report has declared The Woodlands and Spring as the fourth and fifth best cities to retire in America, with three other local cities making the top 25. Continue reading.

2. 3 Houston companies land on Deloitte’s Technology Fast 500 list

Three Houston companies ranked on Deloitte's annual list, with two cracking the top 100. Photo via Getty Images

Three Houston companies have made this year’s Deloitte North America Technology Fast 500 list. The report ranks the fastest-growing technology, media, telecommunications, life sciences, fintech, and energy tech companies in North America. The top Houston company to make the list is Action1 Corp., No. 16, a provider of cybersecurity software. Continue reading.

3. Houston’s 10 most valuable startups revealed in new report

Houston's top startups by valuation range from e-commerce startups to a geothermal pioneer. Photo via Getty Images

The Greater Houston Partnership has released its list of the 10 most valuable startups that are fueling the city’s growth and entrepreneurial energy, including industry giants like Axiom Space and Fervo Energy. The list ranks its top 10 startups by valuation based on the company’s last private funding round, reflected in Pitchbook data, as of October 20 of this year. Continue reading.

4. Houston scores $120M in new cancer research and prevention grants

The Cancer Prevention and Research Institute of Texas has doled out 73 more grants to health care systems and companies in the state. Carter Smith/Courtesy of MD Anderson

The Cancer Prevention and Research Institute of Texas has granted more than $120 million to Houston organizations and companies as part of 73 new awards issued statewide. The funds are part of nearly $154 million approved by the CPRIT's governing board earlier this month, bringing the organization's total investment in cancer prevention and research to more than $4 billion since its inception. Continue reading.

5. Photos: Highlights from the 2025 Houston Innovation Awards

Congratulations to the 2025 Houston Innovation Awards winners! Photo by Emily Jaschke

The 2025 Houston Innovation Awards season came to a close on November 13 at InnovationMap's annual awards program and networking event. A full house of attendees gathered to celebrate the best and brightest in Houston innovation right now. Continue reading.

Houston scores $120M in new cancer research and prevention grants

cancer funding

The Cancer Prevention and Research Institute of Texas has granted more than $120 million to Houston organizations and companies as part of 73 new awards issued statewide.

The funds are part of nearly $154 million approved by the CPRIT's governing board earlier this month, bringing the organization's total investment in cancer prevention and research to more than $4 billion since its inception.

“Today marks an important milestone for CPRIT and for every Texan affected by cancer,” CEO Kristen Doyle said in a news release. “Texas has invested $4 billion in the fight against one of the world’s greatest public health challenges. Over 16 years, that support has helped Texas lead the search for breakthrough treatments, develop new cancer-fighting drugs and devices, and—most importantly—save tens of thousands of lives through early cancer detection and prevention. Every Texan should know this effort matters, and we’re not finished yet. Together, we will conquer cancer.”

A portion of the funding will go toward recruiting leading cancer researchers to Houston. CPRIT granted $5 million to bring John Quackenbush to Baylor College of Medicine. Quackenbush comes from the Harvard T.H. Chan School of Public Health and is an expert in computational and systems biology. His research focuses on complex genomic data to understand cancer and develop targeted therapies.

The University of Texas M.D. Anderson Cancer Center also received $3 million to recruit Irfan Asangani, an associate professor at the University of Pennsylvania Perelman School of Medicine. His research focuses on how chromatin structure and epigenetic regulation drive the development and progression of cancer, especially prostate cancer.

Other funds will go towards research on a rare, aggressive kidney cancer that impacts children and young adults; screening programs for breast and cervical cancer; and diagnostic technology.

In total, cancer grants were given to:

  • The University of Texas M.D. Anderson Cancer Center: $29.02 million
  • Baylor College of Medicine: $15.04 million
  • The University of Texas Health Science Center at Houston: $9.37 million
  • Texas A&M University System Health Science Center: $1.2 million
  • University of Houston: $900,000

Additional Houston-based companies landed grants, including:

  • Crossbridge Bio Inc.: $15.01 million
  • OncoMAGNETx Inc.: $13.97 million
  • Immunogenesis Inc.: $10.85 million
  • Diakonos Oncology Corporation: $7.16 million
  • Iterion Therapeutics Inc.: $7.13 million
  • NovaScan Inc.: $3.7 million
  • EMPIRI Inc.: $2.59 million
  • Air Surgical Inc.: $2.58 million
  • Light and Salt Association: $2.45 million

See the full list of awards here.

View All Listings