Type: timeline
Purpose: Illustrate the evolution of major IT compliance regulations from 1990 to present, showing the increasing sophistication and scope of regulatory requirements
Time period: 1996-2025
Orientation: Horizontal
Events:
- 1996: HIPAA enacted (Health Insurance Portability and Accountability Act)
- 2003: HIPAA Security Rule finalized, establishing ePHI protection requirements
- 2009: HITECH Act strengthens HIPAA enforcement and adds breach notification
- 2016: GDPR adopted by EU Parliament (two-year implementation period)
- 2018: GDPR enforcement begins (May 25), creating global data privacy standard
- 2020: Schrems II ruling invalidates Privacy Shield, complicating trans-Atlantic data transfers
- 2022: DORA regulation published by EU
- 2025: DORA enforcement begins (January 17), establishing financial sector resilience requirements
Visual style: Horizontal timeline with milestones marked as circles, with connecting line showing progression
Color coding:
- Blue: HIPAA/healthcare regulations
- Green: GDPR/privacy regulations
- Orange: DORA/resilience regulations
- Purple: Major enforcement events or court rulings
Interactive features:
- Hover over each milestone to see key provisions and requirements
- Click to expand with detailed description of technical implications
- Hover over connecting lines to see contextual developments between milestones
Implementation: HTML/CSS/JavaScript with SVG timeline, responsive design for mobile viewing