Cybersecurity Legal and Regulatory

Health Insurance Portability and Accountability Act (HIPAA)

  • For Patients - Individuals’ Right under HIPAA to Access their Health Information.
  • For Providers - Training resources to educate providers about the HIPAA Right of Access.

Sarbanes-Oxley Act (SOX) - The Sarbanes-Oxley Act mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures and combat corporate and accounting fraud, and created the "Public Company Accounting Oversight Board," also known as the PCAOB, to oversee the activities of the auditing profession.

Family Educational Rights and Privacy Act (FERPA) - The Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of student education records.

  • For Parents - Parents' Guide to the Family Educational Rights and Privacy Act: Rights Regarding Children’s Education Records.
  • For Students - FERPA General Guidance for Students.

Federal Information Security Management Act (FISMA) - The FISMA Implementation Project was established to produce key security standards and guidelines required by Congressional legislation.

Electronic Communications Privacy Act (ECPA) - The ECPA, as amended, protects wire, oral, and electronic communications while those communications are being made, are in transit, and when they are stored on computers. The Act applies to email, telephone conversations, and data stored electronically.

USA PATRIOT Act - The purpose of the USA PATRIOT Act is to deter and punish terrorist acts in the United States and around the world, to enhance law enforcement investigatory tools, and other purposes.

Energy Policy Act of 2005 - The Energy Policy Act (EPA) addresses energy production in the United States.

  • Electric Utilities - Electric Power Generation, Transmission and Distribution (NAICS 2211)

North American Electric Reliability Corporation (NERC) - NERC Reliability Standards define the reliability requirements for planning and operating the North American bulk power system.

EU General Data Protection Regulation (GDPR) - The General Data Protection Regulation (GDPR) is a regulation set forth by the EU that governs the protection and dissemination of personal data and enhances digital privacy for people located in the EU.

California Consumer Privacy Act (CCPA) - The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them.