Home » Faq » Are there laws or regulations to protect data?

Are there laws or regulations to protect data?

Answer: 

There are laws and regulations to regulate how organizations must handle and protect sensitive information. Some of the most notable include the following:

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Payment Card Industry (PCI) Data Security Standard

Family Educational Rights and Privacy Act (FERPA)

There are Breach Notification Laws currently in place in forty-two states and the District of Columbia which govern the notification of an individual whose personal information has, or may have been disclosed. The State of Iowa recently enacted a data breach notification law which went into effect July 1, 2008. The law requires that organizations with a data breach involving personal information notify individuals affected by the breach. The notification provision (set out in Senate File 2308) requires that notices include:

A description of the breach

The date of the breach

The type of personal information disclosed in the breach

Contact information for consumer reporting agencies

Advice for reporting identity theft

Topic(s): 

Printed from the Office of the Chief Information Officer website on March 27, 2023 at 2:40pm.