The Federal Information Security Management Act of 2002 recognizes the importance of information security to the economic and national security interests of the United States. The act requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.
For more information, visit https://www.dhs.gov/federal-information-security-management-act-fisma
The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.
For more information, visit https://www.pcisecuritystandards.org/
The Office for Civil Rights enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information; the HIPAA Security Rule, which sets national standards for the security of electronic protected health information; the HIPAA Breach Notification Rule, which requires covered entities and business associates to provide notification following a breach of unsecured protected health information; and the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety.
For more information, visit http://www.hhs.gov/ocr/privacy/index.html
The Gramm-Leach-Bliley Act (GLB Act or GLBA), also known as the Financial Modernization Act of 1999, is a federal law enacted in the United States to control the ways that financial institutions deal with the private information of individuals. The Act consists of three sections: The Financial Privacy Rule, which regulates the collection and disclosure of private financial information; the Safeguards Rule, which stipulates that financial institutions must implement security programs to protect such information; and the Pretexting provisions, which prohibit the practice of pretexting (accessing private information using false pretenses). The Act also requires financial institutions to give customers written privacy notices that explain their information-sharing practices.
For more information, visit http://www.fdic.gov/consumers/consumer/alerts/glba.html
The Sarbanes-Oxley Act of 2002 (often shortened to SOX) is legislation enacted in response to the high-profile Enron and WorldCom financial scandals to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise. The act is administered by the Securities and Exchange Commission (SEC), which sets deadlines for compliance and publishes rules on requirements. Sarbanes-Oxley is not a set of business practices and does not specify how a business should store records; rather, it defines which records are to be stored and for how long.
For more information, visit http://www.sec.gov/about/laws.shtml#sox2002
The National Credit Union Administration (NCUA) is the independent federal agency that regulates, charters and supervises federal credit unions. With the backing of the full faith and credit of the U.S. Government, NCUA operates and manages the National Credit Union Share Insurance Fund (NCUSIF), insuring the deposits of more than 95 million account holders in all federal credit unions and the overwhelming majority of state-chartered credit unions.
For more information, visit http://www.ncua.gov/
The North American Electric Reliability Corporation is a not-for-profit entity whose mission is to ensure the reliability of the Bulk-Power System in North America. NERC develops and enforces Reliability Standards; annually assesses seasonal and long‐term reliability; monitors the Bulk-Power System through system awareness; and educates, trains and certifies industry personnel.
For more information, visit http://www.nerc.com/
The Federal Energy Regulatory Commission, or FERC, is an independent agency that regulates the interstate transmission of electricity, natural gas, and oil. FERC also reviews proposals to build liquefied natural gas (LNG) terminals and interstate natural gas pipelines as well as licensing hydropower projects. The Energy Policy Act of 2005 gave FERC additional responsibilities as outlined in FERC's Top Initiatives and updated Strategic Plan.
For more information, visit http://www.ferc.gov/