Glossary of Compliance


Breach Notification

Breach Notification under the GDPR is the obligation of a controller to report any security incident in which individuals' personal data have been subject to unauthorized access, disclosure, destruction, or other forms of misuse.

The notification alerts data subjects and regulators to a potential breach and gives them information about the incident: what occurred, what was affected, and what is being done to mitigate the effects.

For example, suppose a third party misuses an organization's system to access a database containing sensitive financial information about its customers. In that case, the organization must notify the authorities within 72 hours of discovering the breach. Failing to do so could result in significant fines and penalties for noncompliance.
