Glossary of Compliance


Our curated compliance glossary offers everything you need to know about compliance in one place.



Privacy is one of the five trust service criteria of SOC 2. It concerns the information an entity collects, uses, retains, discloses, and disposes of to meet its objectives.

The privacy principle aims to ensure that service organizations that handle sensitive personal information do so in a responsible and trustworthy manner. They should have appropriate controls in place to protect the privacy of individuals. This principle guides organizations to handle privacy based on the following:

– Notice and communication of objectives

– Choice and consent

– Collection

– Use, retention, and disposal

– Access

– Disclosure and notification

– Quality

– Monitoring and enforcement
