By Rob Wayt, CISSP-ISSEP, HCISPP, CISA, CISM, CRISC, CEH, QSA Sometimes we could all use a little privacy. Some downtime to unwind without being bothered by phone calls, emails and social media updates.  Our world is moving faster and faster in the digital age, with no signs of slowing down.  In a related way, this is exactly what privacy legislation and regulation is aimed at relieving. What is privacy with regard to electronic information?  How is it different from security? In simple terms, security is the effort made to keep sensitive information safe. Think policies, firewalls, antivirus, encryption, MFA, and numerous other technologies.  Privacy, meanwhile, utilizes aspects of information security but is actually more focused on the rights of the subject -- including capabilities to control who has their identifying information and what can be done with it. Privacy of electronic information has been an area of growing concern for more than 20 years.  The first major legislation to address personal information privacy was the Health Insurance Portability and Accountability Act (HIPAA), which became effective in 1996.  In 2009, the Health Information Technology for Economic and Clinical Health Act (HITECH) went into effect to promote the adoption and use of…