Glossary of Compliance


BAA

A Business Associate Agreement (BAA) is a signed contract between a covered entity and a business associate. The HIPAA Privacy Rule requires a covered entity that shares protected health information (PHI) with a third-party service provider to document, in writing, each party's responsibilities for protecting that PHI.

A BAA must describe the permitted uses and disclosures of PHI by the business associate and must require the business associate to implement appropriate safeguards to maintain the security of the PHI.
