Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » GDPR » Privacy By Design

Privacy By Design

Privacy by Design is an approach that was developed to battle the ever-increasing threats to information privacy and security. It implements privacy at the core of engineering and design methodology for any product, service, system, or process. The scope of privacy doesn’t end with design but rather extends throughout the lifecycle of any such product. The Privacy by design framework is based on seven cornerstone principles:


– Being proactive and not reactive
– Keeping privacy as the default setting
– Embedding privacy into design
– Retaining full functionality through positive-sum
– Driving protection throughout the lifecycle
– Respecting user privacy
– Enabling visibility and transparency

Additional reading

HIPAA Authorization: Ensuring Patient Privacy and Consent

TL,DR: HIPAA authorization is written patient permission for using or disclosing PHI beyond standard purposes. It is required for psychotherapy notes, marketing, PHI sales, and non-routine disclosures. The article covers authorization elements, exceptions, penalties, and how it supports patient privacy. HIPAA authorization is an important part of safeguarding sensitive patient health information. It is necessary…

A Guide to ISO 27003 and the ISMS Implementation Process

TL,DR: ISO 27003 guides ISO 27001 ISMS rollout, but it is not a certifiable standard. It helps teams define scope, context, leadership, planning, risk treatment, monitoring, and improvement. Use it when ISO 27001 requirements feel unclear during early ISMS planning and documentation. The ISO 27000 family of standards is an internationally recognized set of guidelines…

ISO 27000 Series of Standards – Complete Guide

TL,DR: ISO 27000 is the standards family for building and improving an ISMS. Start with ISO 27001 for certification and ISO 27002 for control guidance. The article explains ISO 27005, 27017, 27018, and sector-specific security guidance. With data breaches on the rise, more businesses are seeking vendors who can protect their sensitive data. To provide…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.