HIPAA, Sarbanes-Oxley (SOX), PCIDSS, GLB

According to the Identity Theft Resource Center, in 2007 there were over 446 security breaches affecting nearly 120 million individuals. Lost or stolen backup tapes contributed to a large number of these breaches.

The Identity Theft Resource Center Reports That Data Breaches More Than Doubled in 2008 First Quarter

“We believe that encryption is the best way for businesses to meet the increasing need for privacy protection.” Iron Mountain

HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) is a set of standards for the privacy and protection of all electronic health information. It includes a Privacy Rule and a Security Rule which require healthcare organizations to increase the security of their patient-related data.

Sarbanes-Oxley
The Sarbanes-Oxley Act is legislation created in response to past financial scandals to protect shareholders and the general public from fradulent practices. Because this set of laws requires that financial institutions store relevant business records "not less than 5 years" this effects IT departments greatly.

California SB 1386
The California SB Act requires organizations that own or have access to personal information of California residents to notify them if the security of their information is compromised.

Gramm-Leach-Bliley Act
The Gramm-Leach Bliley Act includes laws that govern the collection and disclosure of customers’ personal financial information by financial institutions and requires all financial institutions to design, implement and maintain safeguards to protect customer information.

PCI Data Security Standard
The Payment Card Industry Data Security Standard is a set of comprehensive requirements for enhancing payment account data security. The PCI DSS includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.