by Daniel J. Solove
I have created a new resource page for the TeachPrivacy website: Privacy and Security Training Requirements.
This page lists the requirements for privacy and information security training in laws, regulations, and industry codes. I provide a brief summary of each requirement as well as relevant excerpts from the texts of these provisions.
FEDERAL LAWS AND REGULATIONS
— HIPAA
— GLBA
— FISMA
— FTC Red Flags Rule
STATE LAWS AND REGULATIONS
— Texas Health Privacy Law
— Massachusetts Data Security Law
INDUSTRY CODES
— PCI DSS
STANDARDS
— NIST 800-53
— ISO/IEC 27002
INTERNATIONAL LAWS
— US-EU Safe Harbor Arrangement
— Canada’s PIPEDA
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics.
Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum (Oct. 21-23 in Washington, DC), an event that aims to bridge the silos between privacy and security.