Disaster Recovery Reform Act (DRRA) 2018: Federal legislation that focuses on pre-disaster planning and mitigation, aiming to build more resilient communities and reduce disaster costs
National Incident Management System (NIMS): Federal framework for emergency response coordination and incident management across all jurisdictional levels
OSHA Emergency Action Plan (29 CFR 1910.38): Federal workplace safety regulations requiring employers to have written emergency action plans for employee safety during workplace emergencies
HIPAA: Healthcare privacy law requiring protection of patient data during disasters and business disruptions
Sarbanes-Oxley Act: Federal law requiring public companies to maintain effective internal controls and procedures, including business continuity measures
Gramm-Leach-Bliley Act: Federal law requiring financial institutions to protect customer data and maintain business continuity plans
Federal Information Security Management Act (FISMA): Federal law establishing information security standards and requirements for federal agencies and their contractors
NFPA 1600: Standard on Continuity, Emergency, and Crisis Management providing comprehensive guidance for business resilience planning
FDA Regulations: Industry-specific requirements for food and pharmaceutical companies regarding product safety and supply chain resilience
SEC Regulations: Financial services industry requirements for maintaining business continuity and protecting market integrity
FCC Regulations: Telecommunications industry requirements for network reliability and emergency communications
TSA Regulations: Transportation sector requirements for security and operational continuity
State Emergency Management Laws: State-specific requirements for business emergency preparedness and response coordination with local authorities
State Data Breach Notification Laws: State-level requirements for protecting and managing data during business disruptions and security incidents
ISO 22301: International standard for Business Continuity Management Systems providing framework for organizational resilience
ISO 31000: International standard for Risk Management providing principles and guidelines for managing risks in organizations
NIST Special Publication 800-34: Federal guidance for contingency planning for information systems and organizational operations
