Related Federal Laws and Regulations 

• Gramm-Leach Bliley Act of 1999
• HIPAA – Health Information Portability and Accountability Act
• Family Education Rights and Privacy Act of 1974 (FERPA)
• Federal Trade Commission Regulations (16 CFR, Part 314) Standards for Safeguarding Customer Information; Final Rule, May 23, 2002
• Federal Trade Commission Regulations (16 CFG, Part 313) Privacy of Consumer Financial Information
• Payment Card Industry (PCI) Data Security Standard (DSS)

Related CA State Laws and Regulations

• California Information Practices Act of 1977 (California Civil Code Section 1798.85)
• California Education Code, Section 89546, Employee Access to Information Pertaining to Themselves
• California Code of Regulations, Title 5, Sections 42396-42396.5
• Comprehensive Computer Data Access and Fraud Act (California Penal Code, Section 502)
• California: SB 1386: Disclosure of Security Breach of Confidential Information
• California: SB 2246: Customer Records:  Act to add to Title 1.81, Part 4 of Division 3 of the Civil Code
• California Civil Code Sections 1798-1798.78.

• CSU Executive Order 796 (req. compliance with FERPA)Records Access Manual: Office of General Counsel: The California State University, March 2005 (Records exempted from disclosure)
• Chancellor’s Office Memorandum of March 26, 2003: Increased Security Measures for CMS
• California State University HR: 2005-07: New Legislation Regarding the Use of Social Security Numbers (CO)
• California State University HR: 2005-16: Requirements for Protecting Confidential Personal Data
• CSU Information Security Policy - Section 8000 Integrated CSU Administrative Manual (4/19/10)
• CSU Coded Memo HR 2005-16 (4/8/05) [PDF] - Requirements for protecting confidential personal data 
• CSU Coded Memo HR 2007-05 (2/8/05) [PDF] - Requirements for implementing state law regarding use of Social Security number
• CSU Coded Memo HR 2005-01 (1/7/05) [PDF] - Update: Information Practices Act