Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » HIPAA » Limited Data Set

Limited Data Set

A limited data set is detailed as health information that excludes certain listed direct identifiers but that may include city;  ZIP Code; state; elements of date; telephone numbers, fax numbers and other characteristics, numbers, or codes not listed as direct identifiers.

The direct identifiers defined in the Privacy Rule’s limited data lays down provisions that apply both to information about the individual as well as to information about the individual’s employers, relatives, or household members. The following list of identifiers must be deleted from health information if the data is to be permitted as a limited data set:

– Medical record numbers

– Names

– Postal address information

– Electronic mail addresses

– Social security numbers

– Certificate/license numbers

– Health plan beneficiary numbers

– Account numbers

– Telephone numbers

– Fax numbers

– Vehicle serial numbers and identifiers, including license plate numbers.

– Biometric identifiers, including fingerprints and voiceprints.

– Device identifiers and serial numbers

– Web universal resource locators (URLs)

– Full-face photographic images and any comparable images

– Internet protocol (I.P.) address numbers

Additional reading

PCI DSS Assessment: A Quick Guide

For first-timers, preparing for a PCI DSS assessment can feel intimidating. There’s a sense of ambiguity on where to begin, multiple requirements to absorb, and implementation gaps to fill. The larger goal is not just to get compliant but to safeguard cardholder’s data from security threats. A PCI compliance assessment, however, acts as a crucial…

Mastering Internal Control Risk Assessment: Key steps to strengthen your business

As forward-thinking businesses focus on maximizing value, they recognize that risk must inform every decision, as it can enhance, maintain, or compromise value. However, instead of trying to eliminate or avoid risks entirely, they manage risk exposure to strike the right balance.  Such an approach stems from the understanding that risk is a part of…

Top 10 Policy Management Software by Use Case (2026)

TL;DR Policy management software creates structured governance: It centralizes drafting, approvals, distribution, attestations, and audit trails so policies aren’t scattered across drives and email threads. There are different categories of tools: From basic document repositories to dedicated lifecycle platforms, compliance automation tools, and full GRC systems that connect policies to risks and controls. The best…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales