Which regulations outline how to implement policies and procedures for protecting card transactions?

The Payment Card Industry Data Security Standard (PCI DSS) specifically outlines the requirements for organizations that handle card transactions, ensuring that they implement effective policies and procedures to protect cardholder data. This standard was developed to enhance security measures and prevent data breaches, providing a framework that includes encryption, network security, access control, monitoring, and testing methods to safeguard sensitive payment information.

While the other options address various aspects of data protection and privacy in different contexts, they do not focus specifically on the protection of card transactions. The Health Insurance Portability and Accountability Act (HIPAA) pertains to the privacy and security of health information; the Federal Information Security Management Act (FISMA) relates to federal information systems; and the Gramm-Leach-Bliley Act focuses on financial institutions and the sharing of consumers' personal financial information. None of these regulations provide the comprehensive guidelines specifically tailored to managing and securing payment card transactions as thoroughly as PCI DSS does.