A10.3 Industry-Specific Security and Privacy Regulations:
Financial Services: Gramm-Leach-Bliley Act (GLBA), PCI Data Security Standard.
Healthcare and Pharmaceuticals: HIPAA (Health Insurance Portability and Accountability Act of 1996) and FDA 21 CFR Part 11.
Infrastructure and Energy: FERC and NERC Cybersecurity Standards, the Chemical Sector Cyber Security Program and Customs-Trade Partnership against Terrorism (C-TPAT).
Federal Government: FISMA and related NSA Guidelines and NIST Standard.
ANSI/EIA859 : Data Management.
AS 4390-1996 Records Management.
CAN-SPAM - Federal law regarding unsolicited electronic mail.
FCD 11179-2, Information technology—Specification and standardization of data elements - Part 2: Classification ...