LEGISLATIVE GUIDE
| Security Initiative | Overview | Regions marked (of EU, NA, AP, RW) |
|---|---|---|
| 21 CFR Part 11 | FDA-regulated companies | One |
| Arkansas SB 1167 + 32 other state notification laws | Arkansas residents to be notified immediately if their personally identifiable information has been subject to unauthorized access | One |
| BBB Online (privacy standards) | Better Business practices for websites | All four |
| BS 7799 / ISO 17799 | Information on how to build, operate, maintain and improve an Information Security Management System | All four |
| California SB 1386 | California residents to be notified immediately if their personally identifiable information has been subject to unauthorized access | One |
| Children's Online Privacy Protection Act (COPPA) | Privacy protections for information about children | One |
| COBiT | Generally applicable and accepted standard for good (IT) security | Two |
| Data Protection Act 1998 (UK) | Protection of sensitive personal data for UK residents | One |
| E-Signatures Act | Use of electronic records and signatures in interstate and foreign commerce by ensuring the validity and legal effect of contracts entered into electronically | All four |
| European Union (EU) Data Privacy Directive | Rules that address the handling of all types of personal data | One |
| Family Educational Rights and Privacy Act (FERPA) | | One |
| Federal Energy Regulatory Commission (FERC) | Regulations for energy companies | One |
| Federal Information Security Management Act (FISMA) | Framework for enhancing the effectiveness of information security in the federal government | One |
| Freedom of Information Act (FOIA) Exemption | Trade secrets, commercial information | One |
| Gramm-Leach-Bliley Act (GLBA) | Preservation of confidentiality of personal financial data | Two |
| Health Insurance Portability & Accountability Act (HIPAA) | Healthcare providers to preserve confidentiality of medical records | One |
| Interactive Advertising Bureau (ISBA) Standards | Online marketing standards | None |
| Sarbanes-Oxley Act (SOX) | Availability; internal controls | One |
| Statement of Auditing Standards (SAS) No. 70 | Pertaining to service organizations | One |
| TRUSTe Privacy Standards | Open disclosure of usage of information collected by websites | All four |
| US National Do Not Call (DNC) Registry | Telemarketing regulation | One |
| USA Patriot Act | | One |
| WebTrust | e-Commerce standards comprised of prevailing best practices and requirements from around the world | All four |
| XML Standards | Information storage and exchange | All four |
*This guide is not intended to be used as legal advice, but as an informational tool.