Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » Privacy

Privacy

Privacy is one of the five trust service criteria of SOC 2. It is information an entity collects, uses, retains, discloses, and disposes to meet its objectives. 

The privacy principle aims to service organizations who handle sensitive personal information do so in a responsible and trustworthy manner. They should have appropriate controls in place to protect the privacy of individuals. This principle guides organizations to handle privacy based on the following:

– Notice and communication of objectives

– Choice and consent

– Collection

– Use, retention, and disposal

– Access

– Disclosure and notification

– Quality

– Monitoring and enforcement

Additional reading

information security policy
Blogs ISO 27001

Information Security Policy – Everything You Should Know

Your Information Security Policy needs to be robust and protect your organization from internal and external threats. Its scope should be exhaustive, yet it should make room for updates and edits and keep pace with the changing business environments and threats. It sets the tone and foundation for how you plan to protect your organization’s…
PCI DSS compensating controls
Blogs PCI DSS

A Detailed Overview Of PCI DSS Compensating Controls

If your business handles, stores, transmits, manages, or processes customers’ payment card information, it must comply with PCI DSS (Payment Card Industry Data Security Standard). This is an information security standard that outlines measures and controls for organizations to protect sensitive card details while processing transactions.  Implementing stringent compliance is not a piece of cake…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales