Glossary of Compliance
Our curated compliance glossary offers everything you need to know about compliance in one place.
A Business Associate Agreement (BAA) is a signed agreement between covered entities and business associates. The HIPAA Privacy Rule mandates that covered entities that share PHI with third-party service providers specify the responsibilities of each party to secure PHI. A BAA must describe the permitted rules to use or disclose PHI and require the business…
An external entity could imply any individual, organization or government body other than the applicant group that is dealing with or utilizing PHI.
The Department of Public Health’s (DPH) Human Investigations Committee (HIC) is responsible for monitoring, reviewing, and approving research that utilizes identifiable health information obtained by the Department, with the purpose of protecting the rights and well-being of the research subjects.
A risk assessment validates whether your organization is compliant with HIPAA’s technical, administrative, and physical safeguards. A risk assessment also helps identify areas where your organization’s Protected Health Information (PHI) is vulnerable to breach.
The HIPAA (Health Insurance Portability and Accountability Act) Privacy Officer is responsible for developing, managing, and implementing processes to ensure the organization is in compliance with applicable federal and state HIPAA regulations and guidelines, particularly in organizations that have access to and use protected health information (PHI).
Physical safeguards are the physical measures, procedures, and policies to protect a covered entity’s electronic information systems and related equipment and buildings from natural and unnatural hazards and unauthorized intrusion.