Contains the definition of regulated private data and appropriate practices and responsibilities for protecting these data.