The IT Compliance Institute announced today that it has launched the Privacy IT Impact Zone - the 12th zone of ITCi's popular Unified Compliance Project.

The Privacy Impact Zone compares 204 privacy authorities representing compliance guidance and regulatory action from all over the world, including state and federal U.S. privacy regulations as well as regulations from the EU, Latin America, the UK and Asia. In addition to privacy-specific laws, the Privacy Zone analyzes the data protection implications of regulations ranging from the Sarbanes-Oxley Act, HIPAA and Basel II, to the New Zealand Privacy Act.

This collection of 204 privacy authorities is cross-referenced with an exhaustive list of nearly 500 specific IT control objectives painstakingly derived from the body of privacy-related regulatory texts. The information is visually depicted in the Privacy Zone's IT Impact Matrix. Cross-referencing regulatory documents with control objectives, the Impact Matrix pinpoints relevant guidance down to the document, section, paragraph and line.

"State, national and international privacy laws, each with its own definition of sensitive information and breach remediation requirements: This is today's IT nightmare. ITCi's new Privacy IT Impact Zone addresses this pain by physically and explicitly showing compliance and IT managers the scope and overlap of hundreds of privacy regulations. Through the Privacy Zone, IT managers can see at a glance what could otherwise take months of research to uncover," said Cass Brewer, editorial and research director for the IT Compliance Institute.

The new Privacy Impact Zone can be found at

The Unified Compliance Project launched in 2005 as the first independent initiative to exclusively support IT compliance management. Developed and produced by the IT Compliance Institute and Network Frontiers, it focuses on the overlap between complex regulatory requirements such as Sarbanes-Oxley, Basel II, and HIPAA. The UCP's uniquely holistic IT compliance viewpoint aims to help organizations to identify compliance "sweet spots" and leverage current and pending compliance activities to reduce compliance costs, limit liabilities and maximize the value of investments in compliance-related technologies and services.

The UCP divides regulatory compliance into 12 main impact zones: privacy, audit and risk management, design and implementation, IT staff management and outsourcing, leadership and high-level objectives, monitoring, measurement, and reporting, operational management, physical security, records management, technology acquisition, systems continuity, and technical security.

The IT Compliance Institute (ITCi) strives to be a global authority on the role of technology in business governance and regulatory compliance. Through comprehensive education, research, and analysis related to emerging government statutes and affected business and technology practices, we help organizations overcome the challenges posed by today's regulatory environment and find new ways to turn compliance efforts into capital opportunities.

ITCi's primary goal is to be a useful and trusted resource for IT professionals seeking to help businesses meet privacy, security, financial accountability, and other regulatory requirements. Targeted at CIOs, CTOs, compliance managers, and information technology professionals, ITCi focuses on regional- and vertical-specific information that promotes awareness and propagates best practices within the IT community.

ITCi sponsors a variety of programs, including a worldwide membership program, weekly e-newsletter, educational online and live events, an in-depth research program, the Unified Compliance Project, and many others.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access