One interesting case may be the Health Insurance Portability and Accountability Act, the law governing the collection, storage, and use of healthcare information in the U.S. Though it’s an actual regulation, not a standard, it should be a case of a complex, multi-stakeholder landscape involving a variety of risks, some of which arise from adversaries, and governing sensitive electronic information. It’s quality seems mixed, and appeared to be inadequate for subsequent developments in ‘big data’. Also, it looks like there’s been a decent amount written about it—there are 94 review articles with HIPAA in the title (results mentioning HIPAA look inflated due to articles mentioning HIPAA compliance in its methods).
One interesting case may be the Health Insurance Portability and Accountability Act, the law governing the collection, storage, and use of healthcare information in the U.S. Though it’s an actual regulation, not a standard, it should be a case of a complex, multi-stakeholder landscape involving a variety of risks, some of which arise from adversaries, and governing sensitive electronic information. It’s quality seems mixed, and appeared to be inadequate for subsequent developments in ‘big data’. Also, it looks like there’s been a decent amount written about it—there are 94 review articles with HIPAA in the title (results mentioning HIPAA look inflated due to articles mentioning HIPAA compliance in its methods).