The most important laws are:
- Health Information Portability and Accountability Act (HIPAA): deals with Protected Health Information (PHI)
- International Trade in Arms Regulation (ITAR): deals with Controlled Unclassified Information (CUI)
- Federal Information Systems Management Act (FISMA): describes how systems that hold information must be managed
FISMA requires that data be classified by three aspects:
By stating whether these aspects are:
Special Publication 800-53, Revision 4, developed by the National Institute of Science and Technology (NIST) describes what properties systems must have to have appropriate levels of trust for data in each of these aspects.
Special services are available from Research Computing to meet these requirements.