Learn more about the General Data Protection Regulation (GDPR) and how it may affect your institution starting in May 2018.
Top of page
- Family Educational Rights and Privacy Act (FERPA)
- Human Subjects Research, including the Federal Policy for the Protection of Human Subjects ("Common Rule"). Note that different federal agencies may have slightly different rules regarding human subjects research. Always check with your institutional research review board for additional guidance in this area.
- Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. Note that HHS developed a free security risk assessment tool.
- Payment Card Industry Data Security Standards (PCI DSS)
- Financial Services Modernization Act of 1999 (Gramm-Leach-Bliley Act; GLB Act; GLBA) Safeguards Rule
- Fair and Accurate Credit Transactions Act of 2003 (FACT Act; FACTA) which amended the Fair Credit Reporting Act (FCRA), and amendments thereof, including Red Flags Rule (Identity Theft Prevention Program)
- Standard Confidentiality Agreement or Statement
- Higher Education Opportunities Act of 2008 (HEOA) Technology Mandates (Including: illegal peer-to-peer file sharing, emergency notification, and distance education student verification.)
- International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR) (e.g., Baylor University's Export Compliance Policy and Purdue University's Export Control Regulations)
- Digital Millennium Copyright Act (DMCA)
Campus Case Studies On This Page
Initiatives, Collaborations, & Other Resources