Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » Privacy

Privacy

Privacy is one of the five trust service criteria of SOC 2. It is information an entity collects, uses, retains, discloses, and disposes to meet its objectives. 

The privacy principle aims to service organizations who handle sensitive personal information do so in a responsible and trustworthy manner. They should have appropriate controls in place to protect the privacy of individuals. This principle guides organizations to handle privacy based on the following:

– Notice and communication of objectives

– Choice and consent

– Collection

– Use, retention, and disposal

– Access

– Disclosure and notification

– Quality

– Monitoring and enforcement

Additional reading

NIST Cybersecurity Best Practices

The NIST cybersecurity framework holds a reputable name in the world of cybersecurity. It is mandatory for companies within the US federal network but companies from other industries like SaaS and tech can also adopt it should they have clients within the network. Unlike many other frameworks, NIST has a non-typical approach to implementation and…

NIST Asset Management Beginners Guide

The biggest challenge that large organizations face is the handling of resources. This can include everything from computers, mobile devices, and other endpoint devices to operating systems, applications, data, and networks. Not knowing where each asset is or knowing how they function can prove problematic. Even more so when all of this is handled with…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales