Often laws and regulations have an immediate impact on IT professionals and the security position of an organization. These laws seek to establish and implement controls; maintain, protect, and assess compliance issues; identify and remediate vulnerability and deviations; and provide a reporting mechanism that can prove an organization is in compliance. However, confusion about these laws and regulations can leave organizations unsure of how to implement policies and procedures to comply with the guidelines. Choose a law or regulation (new or revised version) and list three immediate impacts that may be felt by IT and require organization compliance.