The Health Insurance Portability and Accountability Act is a federal law to prevent abuses of personal health information, including unauthorized access. It is administered by the US Department of Health and Human Services and it is enforced by the US Office of Civil Rights.

The Fair and Accurate Credit Transaction Act is a new federal law designed to reduce the risk of consumer fraud and identity theft, created by improper disposal of information. The FACTA disposal rule is enforced by the FTC (Federal Trade Commission), and pretty much applies to every person and business in the United States.

Enforced by the Federal Trade Commission, requires financial institutions to have a security plan to protect the confidentiality and integrity of personal consumer information.

When a business disposes of a business record that contains personal identifying information of a customer of the business, the business shall modify, by shredding, erasing, or other means, the personal identifying information to make it unreadable or undecipherable.

Requires businesses and organizations to implement a Written Identity Theft Prevention Program designed to detect the warning signs ("Red Flags") of identity theft in their day-to-day operations.

Modification to the HIPAA Privacy, Security and Enforcement Rules under the Health Information Technology for Economic and clinical Health Act (HITECH) to strengthen the privacy and security of health information, and to improve the workability and effectiveness of the HIPAA Rules

• Health data breach notification
• Applicable regulatory compliance extended to Business Associates
• Updated Business Associate agreements required
• Fine and enforcement structure enhanced & made mandatory
• Formal Investigation required if "willful neglect" is suggested
• Fines REQUIRED at established amounts
• States Attorney General charged with enforcement