Citation[]
Congressional Research Service, Federal Information Security and Data Breach Notification Laws (CRS Report RL34120) (2010) (full-text).
Overview[]
This report describes information security and data breach notification requirements included in the Privacy Act of 1974, the Federal Information Security Management Act of 2002, Office of Management and Budget Guidance, the Veterans Affairs Information Security Act, the Health Insurance Portability and Accountability Act of 1996, the Health Information Technology for Economic and Clinical Health Act, the Gramm-Leach-Bliley Act, the Federal Trade Commission Act, and the Fair Credit Reporting Act of 1970. Also included in the report is a brief summary of the Payment Card Industry Data Security Standard (PCI DSS), an industry regulation developed by VISA, MasterCard, and other bank card distributors.