List of Compliance Laws, Legislation, and Regulations | HIPAA, HITECH, GLBA, FERPA, COPPA, FOIA, ECPA | US | Canada | EU | and Many More
List of Compliance Laws, Legislation, and Regulations
The word “regulations” carries different meanings for many organizations. Maybe it’s the ever-growing number of regulatory compliance requirements businesses are being mandated to meet, or perhaps it’s the never-ending list of audits and industry-specific assessments organizations find themselves dealing with on an annual basis. There’s no real wrong answer when it comes to one’s definition of "regulations"; however, a good way to view it is as the laws, regulations, legislation, and industry-specific requirements to which businesses must ultimately adhere.
Stop and think for a moment about your industry and which regulations, such as state, federal, and global legislative requirements, your organization has to comply with. Or how about compliance requirements specific to one’s industry, such as those seen in banking, real estate, payments, healthcare, and insurance, just to name a few?
Common Laws, Legislation, and Regulations
Currently, there are a number of well-known federally mandated laws in the United States and Canada (and also in many European Union (EU) countries) that collectively call for the safety and security of personal and private information. In the U.S., for example, the following laws have been pushed through the halls of Congress in hopes of applying (and enforcing) strict controls over such data:
- Health Information Portability and Accountability Act (HIPAA), particularly the Privacy and Security rulings
- The Health Information Technology for Economic and Clinical Health (HITECH) Subtitle D.
- The Gramm-Leach-Bliley Act (GLBA).
- The Family Educational Rights and Privacy Act (FERPA).
- Children's Online Privacy Protection Act (COPPA).
- Freedom of Information Act (FOIA).
- The Electronic Communications Privacy Act (ECPA).
Again, these are the well-known laws and regulations, but numerous other lesser-known federally mandated requirements calling for the safety and security of personal and private information are indeed out there, along with a large number of state, region, and country-specific legislative directives. California SB 1386, for example, is one of the more notable state laws relating to the privacy of personal information, but there are many more out there.
Common Laws, Legislation, and Regulations | Organizations Need Policies
Additionally, there is an untold number of state, federal, and country- or region-specific agencies, bodies, and other enforcement bureaus that also have specific requirements relating to information technology, financial controls, and anything else they deem critical. In summary, the term “compliance” carries with it an almost endless list of requirements (financial, technical, security, and operational requirements, just to name a select few). But what all these laws, regulations, and legislative frameworks have in common is a strict requirement to have in place documented policies and procedures relating to information security.
Your Source for Comprehensive Compliance Policies and Procedures
That’s why organizations need a comprehensive, well-documented set of information security policies and procedures, along with policy documentation pertaining to many business and operational initiatives, such as fraud, risk assessment, or even social media. And there’s no better source than FLANK and the FLANK21 set of policies, procedures, forms, checklists, templates, and provisioning and hardening documents available for purchase and immediate download.
And as a helpful reference to the term “regulations”, FLANK has provided a list of many of the most well-known laws and legislative requirements facing businesses today, along with a brief description of each. We hope this provides you with a greater understanding of the growing force of regulatory compliance seen all throughout the globe.