Privacy Act of 1974: Federal law establishing a code of fair information practices governing the collection, maintenance, use, and dissemination of personally identifiable information maintained by federal agencies
Federal Trade Commission Act: Prohibits unfair or deceptive practices affecting commerce, including companies' privacy and data security practices
Electronic Communications Privacy Act: Extends government restrictions on wire taps to include transmitted electronic data and stored electronic communications
HIPAA: Provides data privacy and security provisions for safeguarding medical information and healthcare records
Gramm-Leach-Bliley Act: Requires financial institutions to explain their information-sharing practices and protect sensitive data
FERPA: Federal law protecting the privacy of student education records and applying to all schools receiving federal funding
COPPA: Federal law imposing requirements on operators of websites or online services directed to children under 13 years of age
CCPA/CPRA: California state laws providing consumers with rights regarding the collection and use of their personal information by businesses
Virginia Consumer Data Protection Act: Comprehensive state privacy law providing Virginia residents rights over their personal data
Colorado Privacy Act: State law providing Colorado residents with data privacy rights and imposing obligations on data controllers and processors
GDPR Compliance Requirements: EU regulation considerations for cross-border data transfers affecting US companies handling EU resident data
Privacy Shield Framework: Framework for regulating transatlantic exchanges of personal data for commercial purposes between the EU and US
NIST Cybersecurity Framework: Voluntary guidance for private sector organizations to better manage and reduce cybersecurity risk
ISO 27001: International standard for information security management systems (ISMS)
PCI DSS: Information security standard for organizations that handle branded credit cards from major card schemes
