The CCPA (2018) grants California consumers broad privacy rights, including the right to know what personal information is collected, the right to delete personal information, and the right to opt-out of the sale of personal information. It impacts businesses collecting and processing personal data of California residents, requiring them to implement specific data protection measures and provide transparency about their data practices. (California law, not federal). (2018 is the year the law was enacted). (Became effective January 1, 2020. Enforcement began July 1, 2020). I am refering to the enforcement date as the year, 2020.) (California law, not federal). I am refering to the enforcement date as the year, 2020). (California law, not federal). I am refering to the enforcement date as the year, 2020). (California law, not federal). I am refering to the enforcement date as the year, 2020). (California law, not federal). I am refering to the enforcement date as the year, 2020).

HIPAA (1996) sets national standards for the protection of individually identifiable health information. The Privacy Rule addresses the use and disclosure of individuals’ health information, the Security Rule establishes standards for protecting electronic protected health information, and the Breach Notification Rule requires covered entities to notify individuals and the government in the event of a breach. (1996 is the year the law was enacted). (The final rule of HIPAA was enacted in the year 2013). I am refering to the enactment of the final rule as the year, 2013).

The NIST Cybersecurity Framework (2014) provides a set of standards, guidelines, and best practices to manage cybersecurity-related risks. It offers a voluntary framework that organizations can use to assess and improve their cybersecurity posture. The Framework is intended to be flexible and adaptable to various organizational needs and technologies. (2014 is the year the framework was released.)