SOX (Sarbanes-Oxley Act): Federal legislation requiring retention of financial records and corporate documents. Key considerations for backup retention of financial and corporate governance documents.
HIPAA (Health Insurance Portability and Accountability Act): Federal regulation governing healthcare data privacy and security. Mandates specific backup and retention requirements for protected health information (PHI).
GLBA (Gramm-Leach-Bliley Act): Federal law requiring financial institutions to protect customers' personal financial information, including specific data backup and retention requirements.
FRCP (Federal Rules of Civil Procedure): Federal rules governing electronic discovery requirements in legal proceedings, affecting how electronic data must be preserved and retrieved.
FLSA (Fair Labor Standards Act): Federal law requiring retention of employment records, including payroll and time tracking data.
FERPA (Family Educational Rights and Privacy Act): Federal law protecting student education records, with specific requirements for educational institutions regarding data retention and privacy.
PCI DSS (Payment Card Industry Data Security Standard): Industry standard for organizations handling credit card information, including specific requirements for data backup and retention.
FDA 21 CFR Part 11: Federal regulation for pharmaceutical and medical device companies, specifying requirements for electronic records and electronic signatures.
State Data Breach Laws: Various state-specific requirements for notification and handling of data breaches, affecting backup and retention policies.
CCPA (California Consumer Privacy Act): California state law providing data privacy rights to California residents, including requirements for data retention and consumer access.
GDPR (General Data Protection Regulation): EU regulation that may apply if handling data of EU residents, including specific requirements for data retention and right to erasure.
