Important Regulation for CISSP Exam

FERPA (U.S.): Security and privacy of students' educational records.
COPPA (U.S.): Security and privacy of online collection and use of data for minors under 13 years.
GDPR: Data protection for all individuals within the EU, effective May 2018.
Sarbanes-Oxley Act (2002): Known as the “Public Company Accounting Reform and Investor Protection Act” (in the Senate) and “Corporate and Auditing Accountability, Responsibility, and Transparency Act”.
CALEA – Communications Assistance for Law Enforcement Act (1994): Communication – Wiretap.
PIPEDA (Canada): Personal Information & Protection of Electronics & Document Act – Canada.
FISMA: Applicable to government contracts.
Economic Espionage Act: Imposes fines and jail sentences on anyone found guilty of stealing trade secrets from a US corporation.
Organization for Economic Cooperation and Development (OECD): Provides for data collection, specifications, safeguards.
US Computer Fraud and Abuse Act: Trafficking in computer passwords or information that causes a loss of $1,000 or more or could impair medical treatment.
Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH): Congress amended HIPAA by passing this Act. This law updated many of HIPAA’s privacy and security requirements.
HIPAA (U.S.), Health Insurance Portability and Accountability Act (1996): Security and privacy of medical records. Legislation that provides data privacy and security provisions for safeguarding medical information.
GLBA (U.S.), Gramm-Leach-Bliley Act: Security and privacy of financial records. Law that requires financial institutions to explain how they share and protect their customers’ private information.
Data breach notification requirements: 50 states, District of Columbia, Guam, Puerto Rico, the Virgin Islands.
Privacy regulations by each country: There are no national privacy regulations; they are industry-specific.
Privacy Shield: Has those same principles, but focuses more on individual rights for EU citizens, stricter requirements for U.S. businesses, and restricting U.S. government access to personal data.
