UK Data Protection Act 2018: Primary UK legislation governing the processing of personal data and implementing the UK GDPR into national law
UK GDPR: Post-Brexit version of the EU GDPR, setting out fundamental rules for data protection and privacy in the UK
Computer Misuse Act 1990: Legislation criminalizing unauthorized access to computer systems and related cybercrime activities
NIS Regulations 2018: Network and Information Systems Regulations implementing EU NIS Directive, focusing on cybersecurity for essential services
PECR 2003: Privacy and Electronic Communications Regulations governing electronic communications, cookies, and marketing
ISO 27001: International standard for information security management systems (ISMS) and risk assessment framework
NIST Cybersecurity Framework: Voluntary framework of computer security guidance for organizations to assess and improve cybersecurity risk management
PCI DSS: Payment Card Industry Data Security Standard - security standard for organizations handling credit card data
Cyber Essentials: UK government-backed scheme helping organizations protect against common cyber attacks
FCA Regulations: Financial Conduct Authority regulations including specific requirements for financial services cybersecurity
NHS Digital Standards: Specific security standards and frameworks for healthcare sector data protection
Human Rights Act 1998: Legislation incorporating privacy rights and other fundamental human rights into UK law
Freedom of Information Act 2000: Legislation providing public access to information held by public authorities, with security implications
Official Secrets Act 1989: Law protecting government and national security information from unauthorized disclosure
EU GDPR: European Union's General Data Protection Regulation, relevant for UK organizations handling EU residents' data
