Houston founders: How safe is your company's data?

guest column

Stay informed and regularly check your security procedures to protect yourself, your business, and your customers. Photo via Getty Images

As news comes out every week about new technologies, from new crypto wallets to generative AI to self-driving taxis, it can get overwhelming for most of us to keep up or to understand the new intricacies of technology, and it can get easy to say, “The IT department has it covered.” Well, do they have it covered?

Far too often, companies fail to protect its data with the same muster as its financial security until it is too late. Just as a healthy business will regularly conduct audits of its accounting processes to detect potential fraud, ensure regulatory compliance, and locate areas of improvement for the organization, the same should be done for a business’s data security practices. Key components of any organization are its people and its information, and the IT department is in charge of protecting that information.

We as business people need to ensure that the company’s technology personnel are indeed securing one of the company’s most valuable assets: information.

Big picture: Your business needs to follow an audit process

  1. Confirm the scope of your data
  2. Conduct an internal review of all security practices
  3. Conduct a review of all vendor practices that have access to your data
  4. Confirm compliance with regulations and contractual obligations
  5. Prepare a report with detailed findings and recommendations to improve on year-over-year

Data: What do you have and what duties does it require?

Personal information, particularly when it belongs to customers, is the most frequently compromised type of data. Under laws like the newly passed Texas Data Privacy and Security Act (TDPSA), businesses can have additional obligations to keep this information protected. Personal information can include any information “that is linked or reasonably linkable to an identified or identifiable individual.”

Sensitive data also requires extra precaution, which means protecting (1) personal data that reveals racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; (2) genetic or biometric data that is processed for the purpose of uniquely identifying an individual; (3) personal data collected from a known child; or (4) precise geolocation data.

Other types of data to watch out for include the business’s intellectual property, anonymized customer data, employee personal information, and any other type of proprietary business data. Depending on the industry, the cost of a breach of any of these types of data could be incredibly high, particularly for healthcare and finance.

Ultimately, Texas businesses are required to maintain reasonable procedures to protect personal information, and there may be other laws implicated such as HIPAA, GLBA, CCPA/CPRA, BIPA, GDPR, PIPEDA, and many more, depending on where business is done, the industry implicated, and, in some cases, where customers are located.

"But I think the vendor is responsible."

Check your contracts, and check if the law requires you to have a duty to protect the compromised information, as many do. Involve your IT department in the review of technical compliance whenever you are sharing data with a third party. Further, it is important to make sure that however the Data Processing Addendum says the vendor is processing data is how they are actually processing data. To that point, if you are processing someone else’s data, your business also needs to be doing what it says it is doing, in contracts with third parties and in your Privacy Policy.

Software as a service arrangements, end user license agreements, and other internet and software-based services may require you to hand over data and not give you the opportunity to customize and shift risk. This is why it is important to thoroughly evaluate what technical protections are in place because the risk and duty may still fall on your business regarding the data of your customers and employees. Ask yourself (or your IT professionals) if the vendor actually needs the data they receive to provide services to you.

Key takeaway: Stay informed

Your business needs checks and balances in place with the IT department to ensure you know what they are (or are not) doing and what they are supposed to do. You need policies and procedures, and they need to regularly be tested.

Do you know where your data is stored, both internally and with third parties? Who controls it? How is it being processed, and is anything being shared? Are encryption procedures in place? Firewalls, Intrusion Protection Systems, and End-Point Detection and Response? Do you and your vendors have Incident Response Plans? Stay informed and regularly check your security procedures to protect yourself, your business, and your customers.

------

Courtney Gahm-Oldham is partner at Frost Brown Todd. Lauren Cole is associate at Frost Brown Todd.

From Your Site Articles
Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Property Showcase

UH, Baylor researchers make breakthrough with new pediatric leukemia treatment device

childhood cancer

A team of Houston researchers has developed a new microfluidic device aimed at making treatments safer for children with hyperleukocytosis, a life-threatening hematologic emergency often seen in patients with leukemia.

Dr. Fong Lam, an associate professor of pediatrics at Baylor College of Medicine and a pediatric intensive care physician at Texas Children’s Hospital, partnered with Sergey Shevkoplyas, a professor of biomedical engineering at UH, on the device that uses a large number of tiny channels to quickly separate blood cells by size in a process called controlled incremental filtration, according to a news release from UH.

They tested whether performing cell separation with a high-throughput microfluidic device could alleviate the limitations of traditional conventional blood-filtering machines, which pose risks for pediatric patients due to their large extracorporeal volume (ECV), high flow rates and tendency to cause significant platelet loss in the patient. The results of their study, led by Mubasher Iqbal, a Ph.D. candidate in biomedical engineering at UH, were published recently in the journal Nature Communications.

“Continuously and efficiently separating leukocytes from recirculating undiluted whole blood — without device clogging and cell activation or damage — has long been a major challenge in microfluidic cell separation,” Shevkoplyas said in a news release. “Our study is the first to solve this problem.”

Hyperleukocytosis is a condition that develops when the body has an extremely high number of white blood cells, which in many cases is due to leukemia. According to the release, up to 20 percent to 30 percent of patients with acute leukemia develop hyperleukocytosis, and this places them at risk for potentially fatal complications.

The new device utilizes tiny channels—each about the width of a human hair—to efficiently separate blood cells through controlled incremental filtration. According to Lam, the team was excited that the new device could operate at clinically relevant flow rates.

The device successfully removed approximately 85 percent of large leukocytes and 90 percent of leukemic blasts from undiluted human whole blood without causing platelet loss or other adverse effects. It also operates with an ECV that’s about 1/70th of conventional leukapheresis machines, which makes it particularly suitable for infants and small children.

“Overall, our study suggests that microfluidics leukapheresis is safe and effective at selectively removing leukocytes from circulation, with separation performance sufficiently high to ultimately enable safe leukapheresis in children,” Shevkoplyas said in the release.

Greentown Labs adds 5 new Houston startups to climatetech incubator

Going Green

Greentown Labs announced that it added five startups to its Houston community in Q1 of 2025.

The companies are among a group of 19 that joined the climatetech incubator, which is co-located in Houston and Boston, in the same time period. The companies that joined the Houston-based lab specialize in a number of "green" applications, from converting plastic waste into sustainable materials to developing energy-storage solutions.

The new Houston members include:

  • Concept Loop, a project of Pakistan-based Innova8e Inc., aims to repurpose post-industrial and post-consumer plastic waste into sustainable building materials.
  • GeoFuels, a Sugar Land-based company that produces hydrogen by using baseload geothermal power and methane pyrolysis.
  • PLASENE, a Houston-based company with an innovative platform that converts plastic waste into liquid fuel and low-carbon hydrogen through its proprietary catalysts and modular, scalable, pre-engineered units platform. The company was named to Greentown's ACCEL Year 3 cohort earlier this year.
  • RepAir Carbon, an Israeli company with a fully electric, zero-heat carbon-removal technology that consumes minimal energy, operates without liquids or solvents, and produces no hazardous materials or waste.
  • RotorVault from Pasadena, California, is commercializing energy-storage and load-following solutions that are containerized, modular, and field-deployable systems built on flywheel technology.

Fourteen other companies will join Greentown Boston's incubator. See the full list here.

PLASENE and five other new members—Thola, Respire Energy, Andros Innovations, FAST Metals and Tato Labs—join Greentown Labs through its most recent Advancing Climatetech and Clean Energy Leaders Program, or ACCEL, cohort. ACCEL, which works to advance BIPOC-led startups in the climatetech space, announced its third cohort last month.

---

A version of this story originally appeared on our sister site, EnergyCapitalHTX.

Houston startup unveils its innovative leather alternative at the rodeo

sustainable fashion

Last month’s Houston Livestock Show and Rodeo stirred up another rootin’ tootin’ time for Houstonians and beyond.

But before the annual event galloped into the sunset, there were quite a few memorable innovations on display, with one notably coming from Rheom Materials.

The Houston-based pioneer of next-generation materials presented its scalable, bio-based alternative known as Shorai, a 93 percent bio-based leather, through two custom, western-inspired outfits that showed off cowboy flair through a sustainable lens.

“I'm a Houstonian, I love the rodeo,” Megan Beck, Rheom’s business development manager, recalls. “We're sitting there talking about it one day and we're like, ‘Okay, we've got to do something with this leather to show people how good it can look in apparel, how easy it is to wear.’”

Buoyed by the idea that their materials are meant to “change your impact, not your life,” Rheom captured the real-life energy of their bio-leather outfits under the rodeo’s neon lights in a short commercial video and photo shoot with models donning the samples, while dancing and enjoying the festivities. Rheom created a skirt, a leather jacket, and then a leather top for the look.

“Houston is such a vibrant city,” Beck says. “There's so much innovation here. I think the rodeo is just a really, really great example of that. And so we wanted to take this opportunity to take some of these garments out there and go on the slide, go on some of the rides, go into the wine garden and go dancing, because if you've ever felt some of the materials in the market in this space, they're very stiff, you can't really move in them, they're a little fragile, they kind of fall apart.”

Not only do the models in the video look fashionable, but they also look comfortable, and the leather looks natural and supple. And to the naked eye, Shorai appears to be like the leather most wearers are accustomed to.

“What we really wanted to showcase in this is the energy and the movement of the leather, and to show people how good it can look in apparel, and how easy it is to wear, which I think we were able to accomplish,” Beck says.

Next up, Beck says Rheom wants to scale production of Shorai, the Japanese word for “future,” at a competitive price point, while also reducing its carbon footprint by 80 percent when compared to synthetic leather. According to Beck, Rheom plans to see Shorai products come to market sometime this year.

“We have companies globally right now that are testing materials, that are prototyping, that are making garments, making handbags and footwear, and making eyewear because we have a plastic, as well,” Beck says. “So, this year, I do believe we'll start seeing those products actually come to market, which is very, very exciting for us.”

And with their large-scale production partner already set up for Shorai, Rheom plans to start its first production run of the product soon.

“In April, we'll actually be starting our first production run,” Beck says. “We'll be doing it at full scale, full width, and a full run of materials. So over the next five years, we're only going to just try to increase that capacity.”

View All Listings