Privacy Laws & Regulation

Order by:Group by:

Latin America, Multinational

Managing Data in Latin America (2007)

Multinational

International Association of Privacy Professionals (IAPP)
Western Hemisphere Data Protection Laws (2010)
International Privacy and Data Protection Laws (2008)
Restrictions and solutions to transfers of personal data within the European Union and from the European Economic Area to other countries (2008 Ed.)
European Data Protection Digest (IAPP)
International Data Protection and Privacy Law (2009)
Regulatory Intelligence by Michael Rasmussen: an Axentis Thought Leadership White Paper

Multinational, European Union

EU 1995 Data Protection Directive
EU, Working Document: Transfers of personal data to third countries: Applying Article 26 (2) of the EU Data Protection Directive to Binding Corporate Rules for International Data Transfers (2003)

Multinational, United States

Global Privacy Handbook (2008 Ed.)

Australia

ALRC Discussion Paper 72: Review of Australian Privacy Law

Europe, European Union

European Data Protection Law: Corporate Compliance and Regulation (Oxford University Press, April 2008)
After the deadline: a status review of the implementation of the new European cookies rules (2011)

United States

45 CFR Part 164.500 et seq., Subpart E, Privacy of Individually Identifiable Health Information (As amended)
HHS, Summary of the HIPAA Privacy Rule
DOC, Safe Harbor Workbook
DOC, Safe Harbor Workbook
FTC, Frequently Asked Questions for the Privacy Regulation
FTC, Protecting Personal Information: A Guide for Business
FTC, Business Guidance, Credit Reports: What Information Providers Need to Know
DOC, Safe Harbor Checklist for U.S. Companies
DHS, REAL ID Proposed Guidelines: Questions & Answers
Comptroller of the Currency, Privacy Laws and Regulations (2000)
DoED, Family Educational Rights and Privacy Act (FERPA) Regulations
UK, Data Protection Technical Guidance Determining What is Personal Data (2007)
DoED, Family Educational Rights and Privacy Act (FERPA)
California, Recommended Practices on Notice of Security Breach Involving Personal Information (2007)
DHS, Privacy Impact Assessment for the Department of Homeland Security General Contact Lists (2007)
FTC, Privacy Initiatives: Enforcement
DOC, Safe Harbor
FTC, Privacy Initiatives Home Page
FTC, Financial Privacy Rule: Interagency Notice Research Project Home Page
NIST, ITL Security Bulletins
Court Grants E-Mail Users New Privacy Protections (June 19, 2007)
SSL: The handshake that requires scrutiny (June 2007)
Should You Publish a Privacy Policy? (CSO Magazine, 2006)
Storage Technology News: New privacy rules may complicate records management (2007)
Industry Leaders Submit Identity Governance Framework to openLiberty.org for Development of Open Source Implementations (July 26, 2007)
Analysis: Court Nixes Patriot Act Subpoena (September 7, 2007)
CongressLine - The EU Privacy Protection Directive and the U.S. Safe Harbor (2000)
Transferring Personal Data From Europe: Corporations Take Charge (2007)
Solving the Compliance vs. Mobile Dilemma (2006)
Data quality -- the forgotten privacy principle (2007)
Insider Threat (2007)
The ChoicePoint Dilemma: How Data Brokers Should Handle the Privacy of Personal Information (IEEE, 2007)
Compliance Provides Benefits Beyond The Obvious (2007)
Portable security: Full-disk encryption can take a lot of risk out of mobile computing (2007)
Internet Law: How to Transfer Electronic Personal Data from Europe to the United States
Personal data is not a bar to FOI disclosure, rules European court (2007)
Board Oversight of Information Technology - Data Privacy and Data Security: The New Imperative (2007)
EU approves minimal data protection standards (2007)
Data Breach Kit: Five Steps to Help You Survive the Inevitable
Coming to America: The EU Privacy Directive (June 14, 2007)
Privacy Journal
Tech Law Journal Online
Daily Tech
Guide to NIST Information Security Documents
Computer Technology Review
Fair Credit Reporting Act - Credit Reporting Agencies
Right to Financial Privacy Act of 1978
Financial Modernization Act of 1999 (Gramm-Leach-Bliley Act) Overview
Gramm-Leach-Bliley Act: Disclosure of Nonpublic Personal Information
Privacy Act of 1974, as amended (5 U.S.C. § 552a)
Health Insurance Portability and Accountability Act, Public Law 104-191
Fair Credit Reporting Act Regulations
Fair and Accurate Credit Transactions Act of 2003 (FACT Act) - Regulations
Medical Privacy - National Standards to Protect the Privacy of Personal Health Information (HIPAA)
DHS, Notice of Proposed Rulemaking: REAL ID (March 2007)
OCC, FRS, FDIC, OTS - Final Rule: Fair Credit Reporting Affiliate Marketing Regulations (2007)
DHS, Final Rule, REAL ID (2008)
45 CFR Part 164 - Security and Privacy
OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
OECD Privacy Statement Generator
UK, Information Commissioner's Office (ICO)
Canada, Personal Information Protection and Electronic Documents Act (PIPEDA) Information Kit for Businesses
Australia Office of the Privacy Commissioner
Canada, Personal Information Protection and Electronic Documents Act Site
Online Guide to International Privacy Resources (EPIC)
EU/UK, Data Retention (EC Directive) Regulations 2007
Australia, Federal Privacy Act Page
EU, Opinion 1/2006 on the application of EU data protection rules to internal whistleblowing schemes in the fields of accounting, internal accounting controls, auditing matters, fight against bribery, banking and financial crime
Data Protection and Privacy Laws - International Standards and Agreements
EU Telecommunications Privacy Directive (2002)
OCEG Jurisdiction Survy: Privacy - State Law on Off Duty Conduct
Privacy International
Privacy Foundation
Electronic Privacy Information Center
Privacy.org
U.S. Security Awareness
ANSI, Identity Theft Prevention and Identity Management Standards Panel
Personal Information: Data Breaches Are Frequent, but Evidence of Resulting Identity Theft Is Limited, However, the Full Extent Is Unknown (GAO, 2007)
Search Privacy Practices: A Work In Progress (CDT, August 2007)
Data Security Breaches: Context and Incident Summaries (CRS, May 7, 2007)
Collection of Congressional Research Service (CRS) Reports on Privacy Issues
State Security Breach Notification Laws
Generally Accepted Privacy Principles - AICPA, CICA
Executive Overview of Generally Accepted Privacy Principles
Id Governance - Identity Privacy and Access Policy Marketing Requirements Document Use Cases Version: 1.0 (2007)

United States, European Union

EU, Promoting data protection by privacy-enhancing technologies (PETS)

All Access Pass

OCEG All Access Pass

Related terms
Information Security
Privacy Laws & Regulation
Record Retention & Data Management
Operations
Information Privacy
E-Discovery
Related communities
Record Retention & Data Management
Featured OCEG Programs
GRC Fundamentals on Demand