Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

ePHI

Electronic Protected Health Information (ePHI) is any patient data that is created, stored, managed, transmitted, or shared via electronic means. Under the HIPAA regulation, there are 18 HIPAA identifiers that qualify as ePHI. Covered entities and business associates are required to protect ePHI under the HIPAA Security and Privacy Rules.
