Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » Privacy

Privacy

Privacy is one of the five trust service criteria of SOC 2. It is information an entity collects, uses, retains, discloses, and disposes to meet its objectives. 

The privacy principle aims to service organizations who handle sensitive personal information do so in a responsible and trustworthy manner. They should have appropriate controls in place to protect the privacy of individuals. This principle guides organizations to handle privacy based on the following:

– Notice and communication of objectives

– Choice and consent

– Collection

– Use, retention, and disposal

– Access

– Disclosure and notification

– Quality

– Monitoring and enforcement

Additional reading

GDPR Article 30: Maintaining Records of Processing Activities

TL,DR: GDPR Article 30 requires a Record of Processing Activities for personal data processing. RoPA documents what data you collect, where it sits, how it’s used, and who accesses it. The article explains record-keeping challenges across departments and how to maintain accurate processing documentation. Why is record keeping such a fundamental part of GDPR compliance? …

Top 7 Benefits of ISMS Implementation for Modern Businesses

TL,DR: ISMS helps manage sensitive data through policies, controls, and repeatable risk processes. Benefits include better data protection, regulatory alignment, customer trust, and standardized internal security practices. The article explains seven ISMS benefits and how ISO 27001 alignment supports security maturity. Is securing your business’s data and information security in today’s ever-evolving digital threat landscape…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.