¶¶Òõ¶ÌÊÓƵ

Electronic Communications Privacy Act (ECPA): Federal law that provides criminal and civil liability for unauthorized interception of electronic communications, including email

Stored Communications Act (SCA): Part of ECPA that specifically protects stored electronic communications from unauthorized access, disclosure, or tampering

Federal Information Security Management Act (FISMA): Requires federal agencies and their contractors to develop and implement information security programs

Health Insurance Portability and Accountability Act (HIPAA): Mandates strict security standards for protected health information, including encryption requirements for electronic transmission

Gramm-Leach-Bliley Act (GLBA): Requires financial institutions to explain their information-sharing practices and protect sensitive data

Federal Trade Commission Act (FTC Act): Prohibits unfair or deceptive practices, including inadequate data security measures

State Data Protection Laws: Various state-specific requirements for data protection and encryption, varying by jurisdiction

State Breach Notification Laws: State-specific requirements for notifying affected individuals in case of data breaches

California Consumer Privacy Act (CCPA): Comprehensive privacy law providing California residents with specific rights regarding their personal information

Payment Card Industry Data Security Standard (PCI DSS): Security standard for organizations handling credit card information, including encryption requirements

Family Educational Rights and Privacy Act (FERPA): Protects the privacy of student education records and applies to all schools receiving federal funding

Sarbanes-Oxley Act (SOX): Requires public companies to establish internal controls to protect against data tampering and maintain accurate records

General Data Protection Regulation (GDPR): EU regulation with strict requirements for protecting personal data, including encryption standards

NIST Guidelines: Technical standards and guidelines for information security and encryption, widely adopted in the US

ISO 27001: International standard for information security management systems, including encryption requirements

CIS Controls: Set of actions for cyber defense, including guidelines for email and data encryption