We've collected information about US and International laws that affect how information must be managed and governed. The links on this page go to directory pages that list these laws and rulings, with a briefing page for each one that includes its jurisdiction, all the names the law may go by, a summary of the data implications of the law, and links for more information.
A note about US State Laws: Many states have enacted legislation that specifies how organizations must deal with security breaches. Our State Laws page provides summary information, then provides a link to the Consumers Union site, where this information is tracked in more detail. However, the California Security Breach Notification Law (SB 1386), affects so many of us, and so we've included a full briefing page for this law.
Listing of International Rules
U.S. State Security Breach Laws
Listing of State Security Breach Laws
U.S. Federal Data Laws, Regulations, and Rules
Listing of Federal Data Laws
U.S. Federal Credit Laws
Listing of U.S. Federal Credit Laws
UK and Canadian Data Laws
Listing of UK and Canadian Data Laws
Listing of Privacy Resources
Security Breach Information