 |
 |
 |
 |
 |
 |
 |
 |
 |
Links
Below is a 'free for all' list of links meaning you can add anything you please. We expect this area to grow and change continually. After you add your link, you will be automatically returned to this page and your listing should appear. Depending on your browsers individual settings, you may have to Refresh this page for you link to appear. All links will be periodically reviewed and verified for appropriateness.
Last link was added on Sunday, June 3, 2007
URL:
Section to be placed in:
*
Quick Link:
[
Audit |
IT |
Federal Government | News | Privacy | Professional | Training |
Misc ]
Privacy Resources And Links
The reference links below are a compendium of privacy resources —
they represent a selection of privacy-related items and should not
be considered comprehensive.
Privacy-Related Laws & Regulations
• Australia’s Privacy Act of 1988
http://scaletext.law.gov.au/html/pasteact/0/157/top.htm
• California State Privacy Regulations/Resources
http://www.leginfo.ca.gov/cgi-bin/displaycode?section=bpc&group=22001-23000&file=22575-22579
http://info.sen.ca.gov/pub/01-02/bill/sen/sb_1351-1400/sb_1386_bill_20020926_chaptered.html
http://www.leginfo.ca.gov/pub/03-04/bill/asm/ab_1901-1950/ab_1950_bill_20040929_chaptered.html
http://www.privacyprotection.ca.gov/business/ca_business_privacy_hb.pdf
• Canada’s Personal Information Protection in Electronic Documents Act (PIPEDA)
http://www.parl.gc.ca/36/2/parlbus/chambus/house/bills/government/C-6/C-6_4/C-6_cover-E.html
http://www.privcom.gc.ca/index_e.asp
http://www3.gov.ab.ca/foip/legislation/index.cfm
• European Union Privacy Directive
• Japan’s Personal Information Protection Act
http://www.privacyexchange.org/japan/JapanPIPA2003v3_1.pdf
• New Zealand’s Privacy Act of 1993
http://rangi.knowledge-basket.co.nz/gpacts/public/text/1993/an/028.html
http://www.privacy.org.nz/top.html
• United Kingdom’s Data Protection Act
http://www.opsi.gov.uk/acts/acts1998/19980029.htm
http://www.ico.gov.uk/eventual.aspx
• United Kingdom’s Freedom of Information Act
http://www.opsi.gov.uk/acts/acts2000/20000036.htm
• United Kingdom’s Privacy and Electronic Communications Directive
http://www.opsi.gov.uk/si/si2003/20032426.htm
• United States’ Bank Secrecy Act
http://www.fdic.gov/regulations/examinations/bsa/bsa_4.html
• United States’ CAN-SPAM Act
http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm
• United States’ Children’s Online Privacy Protection Act
http://www.ftc.gov/ogc/coppa1.htm
http://www.ftc.gov/bcp/conline/pubs/buspubs/coppa.htm
• United States’ Electronic Freedom of Information Act
http://www.usdoj.gov/oip/foia_updates/Vol_XVII_4/page2.htm
http://www.irs.gov/foia/index.html
• United States’/European Union Safe Harbor
http://www.export.gov/safeharbor/
• United States Fair and Accurate Credit Transactions Act
http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=108_cong_public_laws&docid=f:publ159.108
• United States Fair Credit Reporting Act
http://www.ftc.gov/os/statutes/fcra.htm
• United States’ Federal Trade Commission Enforcement Actions
http://www.ftc.gov/ogc/brfovrvw.htm
http://www.ftc.gov/opa/2003/11/cybersecurity.htm
• United States’ Federal Trade Commission’s Safeguard Rules
http://www.ftc.gov/bcp/conline/pubs/buspubs/safeguards.htm
• United States’ Gramm-Leach-Bliley Act (GLBA)
http://www.ftc.gov/privacy/glbact/glbsub1.htm
• United States’ Health Insurance Portability and Accountability Act (HIPAA – USA)
• United States’ Internal Revenue Code Privacy Regulations (Section 7216 and 7525)
• United States’ Privacy Act of 1974
http://www.usdoj.gov/foia/privstat.htm
• United States’ Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (PATRIOT)
http://www.epic.org/privacy/terrorism/hr3162.html
• United States Right to Financial Privacy Act
Associations
• Electronic Privacy Information Center
• International Association of Privacy Professionals
https://www.privacyassociation.org/index.html
• International Security, Trust, and Privacy Alliance (ISTPA)
• Privacy and American Business
• Privacy International
http://www.privacyinternational.org/
• Privacy Rights Clearinghouse
http://www.privacyrights.org/fs/fs6-crdt.htm
Frameworks & Standards
• American Institute of Certified Public Accountants (AICPA)/Canadian Institute of Chartered Accountants (CICA) Privacy Framework
http://ftp.aicpa.org/CSC/infotech/Privacy/3A_01a.pdf
• AICPA Privacy Risk Assessment Questionnaire
• International Security, Trust, and Privacy Alliance (ISTPA) Privacy Framework
http://www.istpa.org/pdfs/ISTPAPrivacyFrameworkV1.1.pdf
• Canadian Standards Association (CSA) Model Privacy Code
http://www.csa.ca/standards/privacy/code/Default.asp?language=english
• Enterprise Privacy Authorization Language
http://www.w3.org/Submission/EPAL/
• IAPP Certified Information Privacy Professional (CIPP)
https://www.privacyassociation.org/index.php?option=com_content&task=view&id=44&Itemid=85
• Organization for Economic Cooperation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
http://www.oecd.org/document/18/0,2340,en_2649_34255_1815186_1_1_1_1,00.htm
Best Practices
• California’s Business Privacy Handbook
http://www.privacyprotection.ca.gov/business/ca_business_privacy_hb.pdf
• Consumer Privacy Guide
http://www.consumerprivacyguide.org/
• Federal Trade Commissions Privacy Choices for Your Personal Financial Information
http://www.ftc.gov/bcp/conline/pubs/credit/privchoices.htm
• OECD Privacy Statement Generator
http://www.oecd.org/document/39/0,2340,en_2649_34255_28863271_1_1_1_1,00.html
• United States Computer Emergency Readiness Team Cyber Security Privacy Tips
http://www.us-cert.gov/cas/tips/index.html
• Center for Education and Research in Information Assurance and Security’s Roadmap for a Comprehensive Online Privacy Policy
https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2004-47.pdf
News/Intelligence Resources
• PX News Flash
http://www.privacyexchange.org/news/archives/nf/newsflash991216.html
Newsletter from Steptoe & Johnson (www.steptoe.com).
Newsletter from Sonnenshein Nath & Rosenthal (http://www.sonnenschein.com/).
BNA Privacy Law Watch and BNA Privacy & Security Report (www.bna.com).
The Unified Compliance Project of IT Compliance Institute (http://www.unifiedcompliance.com/about_the_ucf/the_list_of_authority_document.html
Security Related
• British Standards Instituted - BS 7799
• CobiT — Control Objectives for Information and Related Technologies
• Generally Accepted Information Security Principles
http://www.issa.org/gaisp/gaisp.html
• ISO/IEC 17799:2005 — Information Technology — Code of Practice for Information Security Management http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=33441&ICS1=35&ICS2=40&ICS3
• ISO TR 13335 “Guidelines for the Management of Information Security,” Parts 1-5
http://www.iso.org/iso/en/StandardsQueryFormHandler.StandardsQueryFormHandler
• ISO 21827 System Security Engineering Capability Maturity Model
http://www.iso.ch/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=34731&ICS1=35&ICS2=40&ICS3=
• ISO TR 13569 “Banking and Related Financial Services — Information Security Guidelines, 9/9/2003
• Standard of Good Practice for Information Security (Information Security Forum)
http://www.isfsecuritystandard.com/index_ie.htm
• Trust Services Criteria; including SysTrust/WebTrust (AICPA)
http://www.aicpa.org/trustservices
• United State’s Federal Financial Institutions Examination Council (FFIEC) - FFIEC “Audit IT Examination Handbook,” and “FFIEC Audit Examination Procedures”
http://www.ffiec.gov/ffiecinfobase/index.html
• United State’s National Institute of Standards & Technology 800 Series
- Google Image Search
- Google Groups
- Stock Photography at Foto Search
- Yoy Search Engine / Web Directory
Home | About Us | Join |
News |
Events |
Education |
CISA/CISM |
Job Link |
Links
Need help?
Last modified:
Sunday, June 03, 2007.
Copyright © 2003-2007 ISACA-KM. All
Rights Reserved. Privacy
Statement.
Questions or problems regarding this web site should be directed to our webmaster@isaca-km.org.