10.4. Compliance and Policy Laws
With the ever-growing popularity of making data available over the Web, many government agencies and industries have realized the importance of creating secure systems. These organizations have created strict policy and compliance laws that detail security concerns and how data should be handled. Many of the policies in place today deal with the privacy of data. The two industries that first come to mind when talking about the privacy of data are healthcare and finance. During the planning phase of your web applications, be sure to check for government and industry compliance and policy laws that pertain to security.
Australia
Privacy Act Amendments of Australia
National Privacy Principle (NPP)
Austria
Austrian Data Protection Act 2000
Canada
Canada Act Respecting the Protection of Personal Information in the Private Sector
United Kingdom
UK Data Protection Act 1998
BS 7799
United States of America
U.S. Gramm-Leach-Bliley Act (GLBA)
U.S. Sarbanes-Oxley Act (SOX)
California Individual Privacy Senate Bill - SB1386
USA Government Information Security Reform Act
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
ISO 17799-2000
GAO and FISCAM