University of Wisconsin–Madison

Cybersecurity Regulatory Compliance

The Office of Cybersecurity is committed to supporting UW–Madison faculty, staff, and researchers in cybersecurity compliance in five regulatory categories. These five categories impact a number of types of protected or sensitive data.

Services offered vary but generally include intake analyses, data security assessments, risk management recommendations, and security control implementation.

To learn more please visit one of the pages below or contact

Regulatory Categories

Controlled Unclassified Information

The federal government requires cybersecurity controls on certain types of protected data often used or gathered in research. Here’s a step-by-step process to help researchers and staff comply with requirements.

General Data Protection Regulation (GDPR)

The European Union’s GDPR signals a comprehensive, consumer-oriented approach to data privacy. Here are details about the GDPR compliance program for the UW-Madison campus community.

HIPAA Security Program

This page provides details about UW‑Madison’s approach to compliance with the Healthcare Insurance Portability and Accountability Act (HIPAA) Security Rule.

Gramm-Leach-Bliley Act (GLBA)

Content coming

Payment Card Industry Data Security Standard (PCI-DSS)

Content coming