Glossary of Compliance
Our list of curated compliance glossary offers everything you to know about compliance in one place.
Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.
All HIPAA-Covered Components have to implement a facility security plan to safeguard the facility and the equipment within from unauthorized physical access, theft, and tampering for all locations that store and/or access ePHI.
The Office for Civil Rights (OCR) promotes medical excellence throughout the nation by ensuring equal access to certain health and human services while protecting the privacy and security of health information.
The United States Department HHS, or Health and Human Services, is a cabinet-level executive branch of the U.S. federal government created to safeguard the health of all American citizens and provide essential human services.
The OCR in partnership with the Office of the National Coordinator for Health Information Technology, developed a downloadable Security Risk Assessment (SRA) Tool that guides users through the security risk assessment process by utilizing a simple, wizard-based approach as asked for by the CMS or the Centers for Medicare and Medicaid Service Electronic Health Record…
A HIPAA disaster recovery plan (HIPAA DRP) is a formal proposition that specifies the processes, actions, and methodologies that must be embraced to secure and restore electronic health records (EHR) in case of a natural or manmade disaster, calamity or similar event.
A legal entity that carries out both covered as well as non-covered functions may designate itself as a hybrid Entity under HIPAA and may choose not to apply the Privacy Rule to its non-healthcare components, whereas all covered healthcare components must be in compliance with HIPAA, and the covered entity retains security compliances, oversight, and…