ISO Guide on Laws, Regulations, and Other Compliance Requirements

This page offers basic information and guidance on selected laws, regulations, and other compliance requirements that relate to information security, in the form of short summary overviews. Any law, regulation, or compliance requirement that is not currently linked to a document is still in progress and will be provided as soon as possible, so please check back.

These guides are intended to be used as high-level overviews of laws, regulations, and other compliance requirements as they relate to UC Davis – these guides are not comprehensive and do not cover all regulations or all aspects of specific regulations. These guides are provided by the UC Davis Information Security Office and represent only the Information Security Office’s interpretation of these laws, regulations, and compliance requirements – these guides should be informative but are not authoritative.

Guides in development:

  • Health Insurance Portability and Accountability Act (HIPAA)
  • Confidentiality Of Medical Information Act (CMIA)
  • Child Online Privacy Protection Act (COPPA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Genetic Information Nondiscrimination Act (GINA)
  • FTC Safeguards Rule
  • FTC Red Flags Rule
  • California Information Practices Act of 1977 (CIPA)
  • California Civil Code 1798.85 (Confidentiality of Social Security Numbers)
  • Privacy Act of 1974
  • California Consumer Privacy Act of 2018
  • California Constitution Article 1
  • Computer Fraud and Abuse Act (CFAA)
  • California Comprehensive Computer Data Access and Fraud Act
  • Cyber Security Law of the People's Republic of China (China Internet Security Law)
  • Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 (CAN-SPAM)