Info Sec. Laws and Compliance
This course introduces students to privacy laws, regulations, and industry guidelines with significant security and privacy impact and requirements. The course primarily examines laws and regulations from the United States, but it also includes some coverage of international laws. The course is divided into four sections. First, students are exposed to broadly applicable laws and regulations that address information security. Second, students receive an introduction to industry-specific guidelines and requirements (FISMA, NERC, HIPAA, HITECH, PSQIA, etc.). Third, students examine key state laws and regulations that impact information security management (such as relevant laws in California, Massachusetts, and New York). Finally, students scrutinize other countries’ laws and regulations related to information security and privacy (such as laws in Canada, Mexico, and the European Union) and international standards such as ISO 27001 and 27032.