CyberLaw Library

Comprehensive database of cybersecurity laws and regulations in Puerto Rico

Showing 8 laws

Web Content Accessibility Guidelines (WCAG) 2.1

Active

Accessibility

International · WCAG 2.1 W3C Recommendation

International standard for web accessibility compliance. Provides guidelines to make web content more accessible to people with disabilities across three conformance levels: A, AA, and AAA.

View Details →

Ley de Ciberseguridad del Estado Libre Asociado de Puerto Rico (Ley 40-2024)

Active

Cybersecurity

Puerto Rico · Ley 40-2024 ELA PR

Puerto Rico's comprehensive cybersecurity law governing government contractors and critical infrastructure. Establishes mandatory cybersecurity standards, incident reporting requirements, and enforcement mechanisms.

View Details →

Ley de Notificación de Política de Privacidad (Law 39-2012)

Active

Privacy

Puerto Rico · Law 39-2012 ELA PR

Puerto Rico's privacy policy notification requirement law. Mandates that commercial entities operating in Puerto Rico disclose their personal information collection and use practices.

View Details →

Vulnerability Assessment (OWASP/CVE)

Active

Cybersecurity

International · OWASP, CVE Database

Industry-standard vulnerability assessment framework for identifying and classifying software vulnerabilities. The OWASP Top 10 and CVE database provide globally recognized references for known threats.

View Details →

HIPAA Security Rule

Active

HealthcarePrivacyCybersecurity

United States Federal · 45 C.F.R. Part 164

Healthcare and Public Health Sector

Federal healthcare data security requirements establishing national standards for the protection of electronic protected health information (ePHI). Covers administrative, physical, and technical safeguards.

View Details →

Gramm-Leach-Bliley Act (GLBA) Safeguards Rule

Active

FinancePrivacy

United States Federal · 16 C.F.R. Part 314

Financial Services Sector

Federal financial institution data protection requirements mandating comprehensive information security programs to protect customer financial data. Applies to financial institutions under FTC jurisdiction.

View Details →

Cybersecurity Maturity Model Certification (CMMC) Level 1

Active

DefenseCybersecurity

United States Federal · 32 C.F.R. Part 170

DoD/FAR/DFARS contractors

DoD contractor cybersecurity baseline requirements for protecting Federal Contract Information (FCI). Level 1 comprises 17 practices from NIST SP 800-171 mapped from FAR 52.204-21.

View Details →

California Consumer Privacy Act (CCPA)

Active

Data ProtectionConsumer Rights

California / United States · Cal. Civ. Code § 1798.100 et seq.

State statute enhancing privacy rights and consumer protection for California residents. Applicable to Puerto Rico companies serving California residents that meet the law's applicability thresholds.

View Details →