This article has been indexed from CSO Online
This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. Each entry includes a link to the full text of the law or regulation as well as information about what and who is covered.
CSO updates this directory, originally published on January 28, 2021, frequently as new laws and regulations are put in place.
Click on a link to skip to information and resources on that law:
Broadly applicable laws and regulations
- Sarbanes-Oxley Act (SOX)
- Payment Card Industry Data Security Standard (PCI DSS)
- Payment Service Directive, revised (PSD2)
- Gramm-Leach-Bliley Act (GLBA)
- Customs-Trade Partnership Against Terrorism (C-TPAT)
- Free and Secure Trade Program (FAST)
- Children’s Online Privacy Protection Act (COPPA)
- Fair and Accurate Credit Transaction Act (FACTA), including Red Flags Rule
- Federal Rules of Civil Procedure (FRCP)
Industry-specific guidelines and requirements
- Federal Information Security Management Act (FISMA)
- North American Electric Reliability Corp. (NERC) standards
- Title 21 of the Code of Federal Regulations (21 CFR Part 11) Electronic Records
- Health Insurance Portability and Accountability Act (HIPAA)
- The Health Information Technology for Economic and Clinical Health Act (HITECH)
- Patient Safety and Quality Improvement Act (PSQIA, Patient Safety Rule)
- H.R. 2868: The Chemical Facility Anti-Terrorism Standards Regulation