Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.


PDCA Cycle

The Plan-Do-Check-Act (PDCA, also PDSA for Plan-Do-Study-Act) cycle is a simple and effective approach to continuous improvement: a repeating loop of planning a change, doing it, checking (or studying) the results, and acting on what was learned. It is generally used to test improvement measures on a small scale before rolling the resulting procedures and working practices out more widely.

Additional reading

Compliance Risk Assessment: Key Steps and Best Practices

TL;DR A compliance risk assessment is a structured process used to identify, evaluate, and prioritize regulatory risks that could lead to legal, financial, or reputational damage. It helps organizations detect gaps in policies, controls, training, and processes before they lead to non-compliance incidents or regulatory penalties. The typical workflow includes identifying risks, assessing impact and…

What is a HIPAA Identifier and How is it Used?

TL;DR: HIPAA identifiers are 18 specific data attributes that can identify an individual, including name, geographic location, dates, phone numbers, SSN, medical record numbers, IP addresses, biometric identifiers, and full-face photographs. PHI is created only when any of the 18 identifiers is linked to health information. Direct identifiers (like SSN) identify a person on their own, while…

FedRAMP Impact Levels: High vs Moderate vs Low

Cloud Service Providers (CSPs) aiming for FedRAMP authorization must categorize their systems' security impact levels as per FIPS 199, a NIST standard. However, there is always initial confusion about how accurately systems can be categorized. Misclassifying systems, either by over-securing or under-protecting them, often causes a delay in authorization or exposes sensitive data to risk. So,…
