|FERPA (U.S)||Security and Privacy of Students Educational Records|
|COPPA (U.S)||Security and Privacy of Online collection and use of data for minors under 13 years|
|GDPR||Data Protection for all individuals within the EU, effective May 2018|
|Sarbanes-Oxley Act (2002)||Known as the “Public Company Accounting Reform and Investor Protection Act” (in the Senate) and “Corporate and Auditing Accountability, Responsibility, and Transparency Act”|
|CALEA – Communications Assistance for Law Enforcement Act (1994)||Communication – Wiretap|
|PIPEDA (Canada)||Personal Information & Protection of Electronics & Document Act – Canada|
|FISMA||Applicable to Government Contract|
|Economic Espionage Act||Imposes fines and jail sentences on anyone found guilty of stealing trade secrets from a US corporation|
|Organization for Economic Cooperation and Development||Provides for data collection, specifications, safeguards|
|US Computer Fraud and Abuse Act||Trafficking in computer passwords or information that causes a loss of $1,000 or more or could impair medical treatment|
|Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH)||Congress amended HIPAA by passing this Act. This law updated many of HIPAA’s privacy and
|Health Insurance Portability and Accountability Act (1996)||Security and Privacy of Medical Records. Legislation that provides data privacy and security provisions for safeguarding medical information|
|GLBA (U.S) Gramm-Leach-Bliley Act||Security and Privacy of Financial Records. Law that requires financial institutions to explain how they share and protect their customers’ private information|
|Data Breach notification requirements||50 states, District of Columbia, Guam, Puerto Rico, the Virgin Islands. Privacy regulations by each country – there is no national privacy regulation; they have industry-specific ones.|
|Privacy Shield||has those same principles, but focuses on more individual rights for EU citizens, stricter requirements for U.S. businesses and restricting U.S. government access to personal data.|
One thought on “Important Regulation for CISSP Exam”
Plz ASAP Launch CCSP next domain Lecture