Skip to content

References: Privacy, Compliance, and Regulation

  1. General Data Protection Regulation - Wikipedia - Comprehensive coverage of GDPR principles, data subject rights, and enforcement. Anchors the chapter's regulatory landscape.

  2. California Consumer Privacy Act - Wikipedia - Detailed treatment of CCPA/CPRA rights, business obligations, and the evolving US state-privacy patchwork. Foundation for the US regulatory section.

  3. Health Insurance Portability and Accountability Act - Wikipedia - Coverage of HIPAA Privacy Rule, Security Rule, and Breach Notification Rule. Directly supports the sector-specific compliance content.

  4. Privacy Engineer's Manifesto - Michelle Finneran Dennedy, Jonathan Fox, and Tom Finneran - Apress - Practitioner reference on privacy engineering and privacy-by-design; the standard for engineering teams that have to implement privacy obligations.

  5. The Privacy Engineer's Companion - Michelle Dennedy, Jonathan Fox, and Tom Finneran - Apress - Companion volume covering hands-on privacy assessments and DPIAs that match the chapter's apply-level outcomes.

  6. Official GDPR Text - GDPR-Info - The full searchable text of the GDPR with cross-references and recitals. Authoritative source when answering exam questions about specific articles.

  7. California Privacy Protection Agency Resources - California Privacy Protection Agency - Official California regulator's resources on CCPA/CPRA compliance, including enforcement actions and rule-making.

  8. HHS HIPAA for Professionals - U.S. Department of Health and Human Services - Authoritative guidance on HIPAA from the federal regulator, covering covered entities, business associates, and breach notification.

  9. PCI Security Standards - PCI Security Standards Council - Official site for the PCI-DSS standard governing payment card data, with the current standard text and implementation guidance.

  10. IAPP Privacy Resources - International Association of Privacy Professionals - The leading professional body for privacy practitioners; resources on global privacy laws, certification paths, and emerging regulations.