Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

Confidentiality

In the context of SOC 2 (Service and Organization Controls), confidentiality refers to the principle that requires organizations to protect the confidentiality of their customers’ data and information. The confidentiality principle is one of five Trust Services Criteria covered in a SOC 2 attestation engagement.

To meet the confidentiality principle, organizations must have controls to ensure that their customers’ data and information are kept confidential and only accessed by authorized individuals. This may include access controls, data encryption, and secure data transmission.

Additional reading

GDPR Article 9 for Special Data and Exceptions

TL;DR: GDPR Article 9 defines special category data including racial origin, political opinions, religious beliefs, genetic data, biometric data, health data, and sexual orientation. Processing is prohibited by default. Organizations can process this data only when meeting one of 10 legal conditions including explicit consent, employment law obligations, vital interests, legal claims, or public health…

Ultimate Guide to Secure Controls Framework  

Every 39 seconds, the U.S. faces a cybersecurity attack, impacting one in three Americans and countless companies each year. As a CISO, neglecting security can place you in that unfortunate statistic. The Secure Controls Framework (SCF) is your solution. This solution should be your go-to because it is created to empower companies in guiding the…

NIST Access Control: Requirements, Controls and Mapping

TL;DR: NIST access controls regulate access to Controlled Unclassified Information (CUI) and systems processing it, governing who has access, what methods are used, and what role-based permissions each user holds. NIST SP 800-53 organizes access control into the AC family, one of 20 security control families. CMMC maps 26 access control practices across 5 maturity…
