Legislation

Subscription to InfoSec Legislation will provide your organisation with the following:

  • The Information Security legal and other requirements register itself - the structure and content of which is outlined below
  • What’s new in your register - providing you with a list of relevant changes to identified information security legislation on a quarterly basis
  • Ongoing information security compliance evaluations - as detailed on the Legislative Compliance tab
  • Quarterly newsletters – sent directly nominated personnel
  • Useful information security resources
  • An overview of associated information security consultancy services

The information security legal and other requirements register includes Acts and Regulations covering UK and European Law.  In total, the register identifies and documents over two hundred individual pieces of information security legislation. The content of your legal register is structured under relevant chapter headings, together with examples of information security legislation that is relevant for each chapter.

Data Protection

  • The Data Protection Act 1998
  • The European General Data Protection (GDPR) Regulations 2016
  • The Computer Misuse Act 1990
  • The Freedom of Information Act 2000

Corporate

  • The Companies Act 2006
  • The Bribery Act 2010
  • The Fraud Act 2006

Intellectual Property

  • The Copyright Act 1956
  • The Copyright, Design & Patents Act 1988
  • The Intellectual Property Act 2014

Communications

  • The Broadcasting Act 1990
  • The Communications Act 2003
  • The Telecommunications Act 1984

Law Enforcement & Operations

  • The Criminal Justice Act 1988
  • The Terrorism Act 2006
  • The Regulation of Investigatory Powers Act 2000

Disability & Equality

  • The Human Rights Act 1998
  • The Equality Act 2010
  • The Disability Discrimination Act 2005

 Human Resources, Nationality & Right to Work

  • The Employment Act 2002
  • The Immigration, Asylum & Nationality Act 2006
  • The Employment Rights Act 1996

Education

  • The Education Act 2011
  • The Further Education & Training Act 2007
  • The Higher Education Act 2004

Financial Services

  • The Finance Act 1998
  • The Financial Services Act 2012
  • The Financial Services & Markets Act 2000

Legal Services

  • The Legal Services Act 2007
  • The Solicitors Act 2004
  • The Limited Liability Partnership Act 2000

Health & Wellbeing

  • The Health Act 2009
  • The Health & Social Care Act 2011
  • The Mental Health Act 2007

Utilities & Supply

  • The Electricity Act 1989
  • The Gas Act 1986

Business Continuity & Civil Contingencies

  • The Civil Contingencies Act 2004
  • The Business Continuity Management Practice Guide 2006

Environment & Health and Safety

  • The Health & Safety at Work Act 1974
  • The Reporting of Injuries, Diseases & Dangerous Occurrences Regulations 1995
  • The Waste Electrical & Electronic Equipment (Amendment) Regulations 2007

Additionally, the updates and newsletters are stored in the update section of your legal and other requirements register, making them accessible for review at any time.

Annual renewal of your subscription to InfoSec Legislation includes an evaluation of the identified information security legislation that have been documented on your legal and other requirements register. This service provides an objective and impartial analysis of your identified obligations, satisfying the compliance and performance evaluation requirements of ISO27001 and providing assurance that your legal and other requirements register remains up to date and relevant to your organization’s core business activities.

On completion of the annual legislative review, a compliance certificate will be added to your legal and other requirements register, to confirm that the evaluation of information security legislation has been completed and demonstrate ongoing compliance to your stated legal and other obligations.

Information Security Legislation | Compliance