Regulations & Compliance

Navigate regulatory requirements for software migration and modernization. Understand compliance obligations for GDPR, HIPAA, SOC 2, and more.

GDPR

General Data Protection Regulation

European Union regulation on data protection and privacy for individuals within the EU and EEA

European Union
2018-05-25
privacy, data-protection, personal-data, +2
4 requirements, 2 standards

CCPA

California Consumer Privacy Act

California state statute enhancing privacy rights and consumer protection for residents of California

California, USA
2020-01-01
privacy, consumer-rights, data-sale, +1
3 requirements

HIPAA

Health Insurance Portability and Accountability Act

US legislation providing data privacy and security provisions for safeguarding medical information

United States
1996-08-21
healthcare, phi, protected-health-information, +1
4 requirements, 1 standard

PCI DSS

Payment Card Industry Data Security Standard

Information security standard for organizations that handle branded credit cards

Global
2004-12-15
payment, credit-card, cardholder-data, +1
5 requirements, 1 standard

SOX

Sarbanes-Oxley Act

US federal law mandating certain practices in financial record keeping and reporting for corporations

United States
2002-07-30
financial-reporting, internal-controls, audit, +1
4 requirements, 1 standard

EU AI Act

EU Artificial Intelligence Act

European Union regulation on artificial intelligence, establishing rules for AI systems based on risk levels

European Union
2024-08-01
artificial-intelligence, ai-risk, high-risk-ai, +2
4 requirements, 1 standard

DORA

Digital Operational Resilience Act

EU regulation on digital operational resilience for the financial sector

European Union
2025-01-17
operational-resilience, ict-risk, incident-reporting, +1
4 requirements, 2 standards

NIS2

Network and Information Security Directive 2

EU directive on cybersecurity measures across the Union

European Union
2024-10-17
cybersecurity, critical-infrastructure, incident-reporting, +1
4 requirements, 1 standard

FedRAMP

Federal Risk and Authorization Management Program

US government program providing a standardized approach to security assessment for cloud products and services

United States
2011-12-08
cloud-security, government, authorization, +1
4 requirements, 2 standards

LGPD

Lei Geral de Proteção de Dados

Brazil's General Data Protection Law regulating personal data processing

Brazil
2020-09-18
privacy, data-protection, personal-data, +1
4 requirements, 1 standard

PIPEDA

Personal Information Protection and Electronic Documents Act

Canadian federal privacy law for private-sector organizations

Canada
2000-04-13
privacy, consent, personal-information, +1
4 requirements

GLBA

Gramm-Leach-Bliley Act

US law requiring financial institutions to explain their information-sharing practices

United States
1999-11-12
financial-privacy, safeguards, pretexting, +1
3 requirements