Publicly Available Privacy and Security Resources

If you are a startup or just a privacy or security officer with a lean budget, please check out our list of publicly available privacy and security resources.  

We update this from time to time for presentations we give to companies just starting to build their privacy and security programs and always welcome input on any "free" resources you find helpful.  

Publicly Available Privacy and Data Security Resources 

The following is a list of publicly available resources, most at no cost, which privacy professionals may find helpful in obtaining information and tools for developing their privacy and data security programs.
Privacy General

International Association of Privacy Professionals ("IAPP") Resources

Privacy links, job listings, and links to all of the world's data protection authority websites.

 Microsoft: Privacy           

Collection of FAQs and white papers prepared by Microsoft pertaining to user privacy protection, data governance, ad-serving, EU privacy compliance, and more.

 Cooley Privacy Policy Generator

Generally Accepted Privacy Principles ("GAPP")            

Principles for designing and implementing privacy practices and policies from the American Institute of Certified Public Accountants and the Canadian Institute of Chartered Accountants.

 Truste Resources

Surveys, whitepapers, guidance, including a behavioral targeting checklist, security guidelines etc.


Privacy and security webcasts available with registration.

 Privacy International       

Country by country summaries of data protection laws and privacy rights.

National Conference of State Legislatures: Privacy & Security,71,539#951

Charts of state privacy and security laws. Also includes articles, briefs, and newsletters discussing state regulation of privacy and security issues.

Organisation for Economic Co-Operation and Development: Information Security and Privacy              

Homepage for OECD working party on Information Security and Privacy.

 Privacy Exchange: Legal Library

Index of privacy laws from around the world with links to statutory texts.


Newsletter, privacy interviews, privacy breach analysis, links to privacy studies.

Paid subscription service offering database of privacy compliance information. 

The Data Governance Institute

Free data governance program documents, processes, templates and tools.

The Ponemon Institute

Source of independent research on privacy, data protection and information security policy.


Privacy – U.S. 

Federal Trade Commission: Privacy Initiatives

Information on the FTC's privacy initiatives: unfairness and deception, the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, and the Children's Online Privacy Protection Act.

FCC Proposed Broadband Consumer Privacy Rules

Proposed privacy guidelines for broadband Internet Service Providers (ISPs)

FCC Customer Proprietary Network Information (CPNI) Small Business Compliance Guide

Privacy guidance for small entity telecommunications carriers and VOIP service providers

California Office of Privacy Protection          

Guidance on California privacy laws, general privacy links, and links to other privacy laws.  

Privacy – Rest of the World

European Commission Data Protection Site

  • General Data Protection Regulation (GDPR)

Data Transfers from Europe

·        Eu model Contracts for Transfer of Personal Data to Third Countries

·        EU – U.S. Privacy Shield

UK Information Commissioner's Office

Resources include handbook for conducting Privacy Impact Assessments.  

Australian Government Office of the Privacy Commissioner

Information sheets, privacy impact assessment guide, personal information security breach guide.

Canadian Office of the Privacy Commissioner             

Reports, publications, guidelines, research, tools, videos, privacy illustrations, privacy impact assessments.

Privacy in Product Development / Privacy by Design

Privacy by Design (Ontario Information and Privacy Commissioner)

Publications and resources on the concept of Privacy by Design 

Microsoft’s Privacy Guidelines for Developing Software Products and Services

Data Security

Protecting Personal Information: A Guide for Business

FTC guide for implementing data security principles, with public domain security training materials. 

Fighting Fraud with the Red Flag Rules: the FTC's How-to Guide for Businesses

Guide for organizations that are building Identity Theft Prevention programs with compliance tips, information about the Rule's applicability, and a guided four-step process.

National Institute of Standards and Technology: Computer Security Resource Center        

Provides a range of information technology security standards and guidelines.

PCI DSS: Standards, Self-Assessment, and Compliance

Website for payment card industry standards, guidelines, and compliance tips.

Secure Coding

Microsoft’s Security Development Lifecycle ("SDL")

Secure coding guidelines developed by Microsoft but generally applicable to all platforms.

Microsoft’s Security Development Lifecycle ("SDL") training

PowerPoint training modules that cover secure design, implementation, and verification.


Free security trainings on a variety of technology or process-specific topics including mobile security.  

Android Security Guidelines

Google’s security best practices for developing on the Android platform.

iOS Security Coding Guidelines

Apple’s secure coding practices guidelines. 

Data Breach Response

National Conference of State Legislatures: State Data Breach Laws,71,539#951

Charts of state security breach notification laws.

Data Loss db – Primary Source Archive of Data Breach Notification Letters

Searchable archive of breach notification letters submitted to various U.S. jurisdictions.

Massachusetts: Sample Letter for Notifying State Attorney General About a Breach   

Vermont: Security Breach Guidance and Sample Notification Letter 

Privacy Rights Clearinghouse’s Chronology of Data Breaches  


For questions and input contact:

Susan Lyon- Hintze –, 206-601-3233

Mike, 206-719-6934

Jared Friend, 206-325-3277

Hintze Law PLLC
505 Broadway E. #151
Seattle, WA 98102