Information Security and Privacy Laws and Regulations: Office of the CISO - washington.edu

Office of the CISO

Information Security and Privacy Laws and Regulations

The information security and privacy laws and regulations listed here impart a duty upon the University of Washington (UW) to protect certain information. The list does not include all information security and privacy laws and regulations.

The UW Chief Information Security Officer collaborates with the UW Privacy Official and UW subject matter experts to review and update the information in the table below on an annual basis. The information was updated December 2010.

| Subject Area | Laws and Regulations |
| --- | --- |
| Children | COPPA; Protection of Human Subjects - CFR Title 45 Part 46; Institutional Review Boards - FDA 21 CFR part 56 |
| Employees | DMCA; eDiscovery; EEO - Civil Rights Act/Executive Presidential Order 11246; Social Security Numbers - RCW 28B.10.042; Ethics in Public Service - RCW 42.52 |
| Financial and Banking | ARRA; FCRA; GLB; PCI; Red Flag Rules; Social Security Numbers - RCW 28B.10.042; Credit Card Receipts - RCW 63.14.123 |
| Healthcare and Patient Records | ARRA; HIPAA; Red Flag Rules; Social Security Payments - 42 USC 405; Credit Card Receipts - RCW 63.14.123; Medical Records - RCW 70.02; Mental Illness - RCW 71.05; Social Security Requirements - WAC 388-476-0005 |
| Research | ARRA; EAR - Export Administration Controls; ITAR - Export Administration Controls; FISMA; Protection of Human Subjects - 45 CFR part 46; Investigational New Drug Application - FDA 21 CFR part 312; Investigational Device Exemptions - FDA 21 CFR part 812; National Security Information - US Presidential Executive Order 13526; National Industrial Security - US Presidential Executive Order 12829 |
| Students | DMCA; eDiscovery; FERPA; Higher Education Opportunity Act; Social Security Numbers - RCW 28B.10.042; Disclosure of Library User Identity - WAC 478-168-190 |
| Other | Disclosure/Notice - RCW 19.255.010 |