Data Privacy Laws & Acts

BPB Online
Jul 19, 2022

Data is of paramount importance in any organization. In the age of the data economy, companies gain a huge advantage from gathering, circulating, and using information. Many companies are built on social platforms. These companies are expected to follow privacy policies strictly, because customers trust them and expect their confidential data to stay private.

Every individual has the right to privacy and liberty from uninvited threats. Data theft at a government agency can put highly confidential information in the hands of an adversary. A theft at a corporation can put proprietary data in the hands of a competitor. A theft at a school could put students’ PII in the hands of criminals who could commit identity theft. A theft at a hospital can put PHI in the hands of those who can misuse it. When data that should be kept private falls into the wrong hands, it poses a serious threat to individuals.

Below are a few of the crucial data privacy laws and acts amended over the years:

U.S. Privacy Act of 1974: The Privacy Act of 1974 established a set of rules for fair information practice. It controls the accumulation, conservation, utilization, and circulation of data that is maintained by government agencies.

HIPAA 1996: The Health Insurance Portability and Accountability Act of 1996 is a set of rules established by the United States to safeguard the medical and other confidential information of individuals.

GLBA 1999: The Gramm-Leach-Bliley Act is also known as the Financial Modernization Act. It is a United States federal law that requires financial institutions to report on the circulation and protection of their customers' confidential data.

COPPA 2000: The Children’s Online Privacy Protection Rule was established to protect the pivotal information of children below 13 years of age.

Privacy Rule 2000: Privacy Rule 2000 reinforces HIPAA and ensures the security of medical data.

SOX 2002: The Sarbanes-Oxley Act safeguards individuals from deceptive practices of organizations.

FISMA 2002: The Federal Information Security Management Act instructs organizations to safeguard data.

ISO 27001 2013: ISO 27001 is a security framework for data handling systems.

GDPR 2018 & PDP Bill 2019: The General Data Protection Regulation is a regulation in EU law on data protection and privacy in the EU and the EEA. It also governs the transfer of personal data outside the EU and EEA areas.

The Personal Data Protection Bill (PDP Bill 2019) was proposed in the Indian Parliament on 11th Dec 2019. The Bill covers the procedure for the protection of personal data.

CCPA 2020: The California Consumer Privacy Act regulates how organizations control and utilize information.

Hope this was helpful.


