ComplianceCheckup

Compliance Checklists

These free, interactive compliance checklists cover GDPR, HIPAA, PCI DSS, SOC 2, CCPA, and ADA/WCAG — the regulations most commonly applicable to websites and online businesses. Every item cites the official regulatory source, and you can check off items in-browser or export as PDF.

GDPR (83 items)

General Data Protection Regulation

EU/EEA personal data protection — applies globally if you have EU users.

HIPAA (74 items)

Health Insurance Portability and Accountability Act

US healthcare data privacy — required for providers, plans, and their vendors.

PCI DSS (91 items)

Payment Card Industry Data Security Standard

Required for any business that stores, processes, or transmits card data.

SOC 2 (78 items)

System and Organization Controls 2

Enterprise B2B security framework — required by most large business customers.

CCPA (52 items)

California Consumer Privacy Act

California privacy law — applies at revenue or data volume thresholds.

ADA / WCAG (68 items)

Americans with Disabilities Act / WCAG 2.1 AA

Website accessibility — applies to all public US websites.

Not sure which regulations apply to you?

Answer 5 questions about your business and get a personalised list.

Take the quiz

Want to see how your website actually scores?

PrivacyGrader scans your site and gives you an A+ to F grade in 30 seconds.

Grade my site