Glossary of Compliance

Privacy

Privacy is one of the five trust services criteria of SOC 2. It covers the information an entity collects, uses, retains, discloses, and disposes of to meet its objectives.

The privacy principle aims to ensure that service organizations that handle sensitive personal information do so in a responsible and trustworthy manner. They should have appropriate controls in place to protect the privacy of individuals. This principle guides organizations to handle privacy based on the following:

– Notice and communication of objectives

– Choice and consent

– Collection

– Use, retention, and disposal

– Access

– Disclosure and notification

– Quality

– Monitoring and enforcement
