Federal Trade Commission Act: Primary federal law governing unfair or deceptive practices affecting commerce, including data security and privacy practices
Computer Fraud and Abuse Act: Federal legislation that provides legal framework for dealing with unauthorized access and computer-related fraud
Gramm-Leach-Bliley Act: Federal law requiring financial institutions to explain their information-sharing practices and protect sensitive data
HIPAA: Federal law establishing standards for protecting sensitive patient health information from disclosure without consent
Fair Credit Reporting Act: Federal law regulating the collection, dissemination, and use of consumer credit information
California Consumer Privacy Act: State law providing California residents with data privacy rights and control over their personal information
Virginia Consumer Data Protection Act: State law establishing framework for controlling and processing personal data in Virginia
Colorado Privacy Act: State law providing Colorado residents with privacy rights and establishing obligations for data controllers
Sarbanes-Oxley Act: Federal law establishing enhanced standards for corporate accountability and financial disclosure
PCI DSS: Payment Card Industry Data Security Standard - security standards for organizations handling credit card information
AICPA Standards: Professional standards established by the American Institute of CPAs for conducting audits
GAAS: Generally Accepted Auditing Standards - systematic guidelines used by auditors when conducting audits
SSAE: Statement on Standards for Attestation Engagements - professional standards for conducting attestation services
State Data Breach Laws: Various state-specific requirements for notification and handling of data breaches
Uniform Commercial Code: Standardized set of business laws regulating commercial transactions across US states
