Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » GDPR » Data Retention

Data Retention

The GDPR Data Retention rules says that any personal data collected or processed must be retained solely for the duration necessary to accomplish the purpose for which the information was initially gathered. However, it is important to note that there are exceptions, such as scientific or historical research.

Additional reading

HIPAA Minimum Necessary Rule Standard

HIPAA Minimum Necessary Rule Standard

Much of the administrative simplification rule of HIPAA focuses on preventing unauthorized disclosure of protected health information (PHI). A good practice that helps to ensure protection of PHI is application of the HIPAA minimum necessary rule standard.  This article details what this rule entails, how it works, cases where it is not applicable, and what…

Which PCI SAQ is right for my business (In-dept Guide)

If you are a merchant or service provider who manages, transmits, stores, or accesses card data, you must comply with the Payment Card Industry Data Security Standard (PCI DSS). To comply with PCI DSS policies, your job does not end at the requirement checklist – PCI requires you to ensure you are sufficiently doing what…
GRC Automation: How to Get Started

GRC Automation: How to Get Started

Everyone has a strategy for managing governance, risk management, and compliance with industry/government regulations. Businesses refer to these strategies as their GRC (Governance, Risk, and Compliance) program. With the very nature of these concepts constantly evolving, it begs the question—are the strategies in your GRC program equipped to handle enterprise risk management and compliance? Or…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.