Standards

Manage multiple regulatory compliance frameworks
and standards in one platform

Centraleyes enables cyber risk teams to easily create and define frameworks to fit their specific needs, or choose from tens of pre-populated integrated risk and compliance frameworks. By mapping shared controls across frameworks, Centraleyes allows for a quicker, automated compliance process.

Personal Information Privacy Law (PIPL) of China

What is PIPL? Personal Information Privacy Law (PIPL) is the new Chinese data privacy law that became effective on November 1st, 2021. PIPL establishes an extensive data protection framework for the acquisition, use, and dissemination of the personal information of Chinese citizens. The first official data privacy law of its…

Nevada Privacy Law

What is the Nevada privacy law? The Nevada Revised Statutes on Security and Privacy of Personal Information (‘NRS’) include the state’s privacy rules, which are contained in Chapter 603A. Recently, Nevada has approved an update to their privacy law. The passage of Senate Bill (‘SB’) 538 for an Act Relating…

POPIA

What is POPIA? South Africa’s new data privacy framework is the Protection Of Personal Information Act. It establishes a minimal baseline for privacy regulation in all industries. It applies to those who are based in South Africa as well as those who are only processing data there. POPIA regulates the…

GDPR

What is the GDPR? The General Data Protection Regulation (GDPR) is a European Union law that went into effect on May 25, 2018. It demands companies to protect personal data and enforce the privacy rights of anyone on EU State’s territory. The regulation includes seven data protection principles that must…

CCPA

What is the CCPA Act? The California Consumer Privacy Act (CCPA) is a state-wide data privacy law that governs how businesses all over the world may handle California residents’ personal information (PI). The CCPA went into effect on January 1, 2020. It is the first law of its kind in…

NIST Privacy Framework

What is the NIST Privacy Framework? The National Institute of Standards and Technology (NIST) recently released the Privacy Framework, which assists organizations in prioritizing privacy threats and outcomes, and achieving privacy goals regardless of company size, market, or industry. Although organizations might have implemented the NIST Cybersecurity Framework (CSF), this…

FERPA

What is FERPA? The Family Educational Rights and Privacy Act (FERPA) of 1974, also known as the Buckley Amendment, is a Federal privacy law that protects the privacy of student education records.  “Education records” directly relate to a student and are maintained by an educational institution or by a party…

NY SHIELD Act

What is the NY SHIELD Act? On March 21, 2020, the data security provisions of New York’s Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”) came into force. This act establishes protections of customer data to ensure the integrity, confidentiality and the security of private information held by…

ISO 27701

What is ISO/IEC 27701? ISO/IEC 27701 establishes guidelines and describes standards for implementing, designing, maintaining, and continuing to improve a Privacy Information Management System as a complement to ISO/IEC 27001 and ISO/IEC 27002 for the management of privacy within organizations (PIMS). The original version of this standard was ISO/IEC 27552.…