Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » GDPR » Data Mining

Data Mining

Data mining or ‘profiling’ is an automated process that analyzes, processes, and makes decisions based on specific aspects of a data subject. Under the GDPR, it is imperative that data processors and controllers inform data subjects on the existence of such processes, logic, and decision-making instruments. If these decisions are made as per a contract between the controller or processor and data subject, the former will have to take sufficient measures to ensure that the rights of the data subject are preserved. The data subject has the right to obtain more information, express their point of view, and contest automated decisions.

Additional reading

How to Perform a HIPAA Risk Assessment to Stay Compliant?

The HHS Office of Civil Rights (OCR) provides direction to healthcare entities to implement safeguards for the privacy and security of patients’ protected health information (ePHI) and ensure HIPAA compliance. However, the first crucial step in this direction is to conduct a HIPAA risk assessment, which identifies critical risks and security loopholes. Risk assessment helps…

NIST Access Control: Requirements, Controls and Mapping

TL,DR: NIST access controls regulate access to Controlled Unclassified Information (CUI) and systems processing it, governing who has access, what methods are used, and what role-based permissions each user holds NIST SP 800-53 organizes access control into the AC family, one of 20 security control families. CMMC maps 26 access control practices across 5 maturity…

Information Assurance vs Cybersecurity: Differences & Similarities

TL,DR: Information assurance protects information reliability through 5 pillars: availability, integrity, authentication, confidentiality, and non-repudiation. Cybersecurity defends digital assets from cyberattacks and unauthorized access to systems Information assurance takes a broader governance approach covering policies, risk management, compliance, and business continuity. Cybersecurity takes a technical approach using firewalls, antivirus software, and intrusion detection systems Information…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.