Security and Privacy Training Requirements Resource

Security and Privacy Training Requirements Guide

Many laws, regulations, and industry codes require privacy awareness training and/or data security awareness training. These include:

  • International Laws – including GDPR and the Personal Information Protection and Electronic Documents Act (PIPEDA)
  • US Federal Laws, Regulations, and Treaties – including HIPAA Privacy and Security Rules, Gramm-Leach-Bliley Act (GLBA), FACTA – FTC Red Flags Rule, Federal Information Security Management Act (FISMA), Federal Acquisition Regulation, and EU-US Privacy Shield Framework
  • US State Laws and Regulations – including New York Cybersecurity Regulation, Texas Health Privacy Law, and Massachusetts Data Security Law
  • Standards and Industry Codes – including Payment Card Industry Data Security Standard (PCI-DSS), ISO/IEC 27002, and NIST Special Publication 800-53 (Revision 4)

This Security and Privacy Training Requirements Guide, written by Professor Daniel Solove, will walk you through a brief description of each requirement with excerpts of the relevant provisions.
