Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » GDPR » Personal Data Breach

Personal Data Breach

Within the context of the GDPR, a personal data breach is an incident that occurs when an individual experiences a security lapse that causes the accidental or deliberate destruction, alteration, loss, exposure, or unlawful access of personal information. In the event of a data breach, the data controller must alert the supervisory authority within 72 hours of becoming aware of it.

This notification must specify the nature and category of the breach, the number of data subjects and records involved, the resulting impact, the measures proposed to mitigate risk, and the contact details of the data protection officer.

Additional reading

ISO 27001 Policy Guide for Beginners in 2026

ISO 27001 is the centerpiece of the ISO 27000 series of international standards. In brief, the framework, formally known as ISO/IEC 27001:2022, establishes guidelines for developing, implementing, and maintaining an Information Security Management System (ISMS). Doing so not only helps the organization demonstrate compliance with international data security standards but improves its security posture.  Aligning…

How to Perform a HIPAA Risk Assessment to Stay Compliant?

The HHS Office of Civil Rights (OCR) provides direction to healthcare entities to implement safeguards for the privacy and security of patients’ protected health information (ePHI) and ensure HIPAA compliance. However, the first crucial step in this direction is to conduct a HIPAA risk assessment, which identifies critical risks and security loopholes. Risk assessment helps…

GDPR Requirements: How to Stay Compliant with Data Privacy Laws

TL,DR: GDPR applies when organizations process EU personal data, even outside Europe. Core duties include lawful basis, transparency, data minimization, rights handling, DPIAs, DPAs, and transfer safeguards. The article explains controllers, processors, DPO triggers, privacy by design, and 72-hour breach reporting. GDPR is the gatekeeper to one of the world’s largest markets. If you want…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.