A10.3 Industry-Specific Security and Privacy Regulations
Financial Services: Gramm-Leach-Bliley Act (GLBA), PCI Data Security Standard.
Healthcare and Pharmaceuticals: HIPAA (Health Insurance Portability and Accountability Act of 1996) and FDA 21 CFR Part 11.
Infrastructure and Energy: FERC and NERC Cybersecurity Standards, the Chemical Sector Cyber Security Program and Customs-Trade Partnership against Terrorism (C-TPAT).
Federal Government: FISMA and related NSA Guidelines and NIST Standard.
A10.4 Standards
ANSI/EIA859: Data Management.
AS 4390-1996 Records Management.
CAN-SPAM - Federal law regarding unsolicited electronic mail.
FCD 11179-2, Information technology—Specification and standardization of data elements - Part 2: Classification for data elements.
ISO 1087, Terminology—Vocabulary.
ISO 15489-1:2001 Records Management—Part 1: General.
ISO 2382-4:1987, Information processing systems—Vocabulary part 4.
ISO 2788:1986 Guidelines for the establishment and development of monolingual thesauri.
ISO 704:1987, Principles and methods of terminology.
ISO Standards Handbook 10, Data Processing—Vocabulary, 1982.
ISO/IEC 10241:1992, International Terminology Standards—Preparation and layout.
ISO/IEC 11179-3:1994, Information technology—Specification and standardization of data elements - Part 3: Basic attributes of data elements.
ISO/IEC 11179-4:1995, Information technology—Specification and standardization of data elements - Part 4: Rules and guidelines for the formulation of data definitions.
ISO/IEC 11179-5:1995, Information technology—Specification and standardization of data elements - Part 5: Naming and identification principles for data elements.
ISO/IEC 11179-6:1997, Information technology—Specification and standardization of data elements - Part 6: Registration of data elements.
ISO/TR 15489-2:2001 Records Management—Part 2: Guidelines.
UK Public Record Office Approved Electronic Records Management Solution.
Victorian Electronic Records Strategy (VERS) Australia.