Security and Privacy Training Requirements Resource

Security and Privacy Training Requirements Guide

Many laws, regulations, and industry codes require privacy awareness training and/or data security awareness training. These include:

  • International Laws – including GDPR and Personal Information Protection and Electronic Document Act (PIPEDA)
  • US Federal Laws, Regulations, and Treaties – including HIPAA Privacy and Security Rules, Gramm-Leach-Bliley Act (GLBA), FACTA – FTC Red Flags Rule, Federal Information Security Management Act (FISMA), Federal Acquisitions Regulation, and EU-US Privacy Shield Framework
  • US State Laws and Regulations – including New York Cybersecurity Regulation, Texas Health Privacy Law, and Massachusetts Data Security Law
  • Standards and Industry Codes – Payment Card Industry Data Security Standard (PCI-DSS), ISO/IEC 27002, and NIST Special Publication 800-53 (Revision 4)

This Security and Privacy Training Requirements Guide, written by Professor Daniel Solove, will walk you through a brief description of each requirement with excerpts of the relevant provisions.

Please provide the required information below to access the PDF.

    Please Complete the Form Below


    First Name

    Last Name


    Job Title (*Required field)

    Industry (*Required field)

    I’m interested in seeing a demo of privacy and data security training.

    Please be sure to include your email address so we can contact you.

    Please include any comments or additional questions here:

    Professor Solove’s newsletter covers his latest writings, events, and training. It is sent weekly. You can unsubscribe at any time.
    Click to see a sample issue.
    Would you be interested in subscribing?

    YesNoAlready Subscribed

    To receive Professor Solove's newsletter, please make sure you have provided your contact details above.

    Privacy and Security Training Requirements