Compliance

Compliance Solution

The U.S. Health Insurance Portability and Accountability Act (HIPAA) of 1996 provides a set of instructions and guidelines for the encoding, privacy, security, integrity and availability of patient health data. The 2009 American Recovery and Reinvestment Act (ARRA) includes a section called the Health Information Technology for Economic and Clinical Health (HITECH) Act. The HITECH Act adopts "electronic health records" (EHRs) to improve efficiency and lower healthcare costs. Due to the increase in privacy and security risks, the HITECH Act introduced new security- and privacy-related requirements for business associates under HIPAA.

PCI

Any organisation, large or small, that accepts credit, debit, and cash cards while offering its services needs to comply with the PCI DSS Act. Payment card information is considered a high-value target for cyber crime throughout the world. Hence, a need emerged to reduce risk for businesses and to protect cardholders' personal information from misuse. This led to the creation of the PCI DSS Act, which puts forth a set of accepted policies and procedures to ensure the security of transactions.

SOX

The Sarbanes-Oxley Act of 2002 was created as a result of a number of major corporate and accounting scandals. These scandals, which cost investors billions of dollars when the share prices of affected companies collapsed, shook public confidence in the nation's securities markets.

The Information Technology Infrastructure Library (ITIL) v3 was released in June 2007. The ITIL methodology was introduced in the 1980s by the United Kingdom's Central Computer and Telecommunications Agency (CCTA) because it realized that a more systematic approach to managing the IT infrastructure was required. ITIL provides guidance to improve the quality of IT services. It describes the "Best Practices" of IT service management.