Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » Privacy

Privacy

Privacy is one of the five trust service criteria of SOC 2. It is information an entity collects, uses, retains, discloses, and disposes to meet its objectives. 

The privacy principle aims to service organizations who handle sensitive personal information do so in a responsible and trustworthy manner. They should have appropriate controls in place to protect the privacy of individuals. This principle guides organizations to handle privacy based on the following:

– Notice and communication of objectives

– Choice and consent

– Collection

– Use, retention, and disposal

– Access

– Disclosure and notification

– Quality

– Monitoring and enforcement

Additional reading

How to Create a Cybersecurity Disaster Recovery Plan

Your company’s digital infrastructure has the potential to crumble in the blink of an eye. Leaders might know this but don’t want to face it. With disasters, it’s almost always the question of “when” not and “if”.  While digital interconnectedness propels us forward with unprecedented efficiency, it also exposes us to vulnerabilities that tend to…

Ultimate Guide to PCI DSS Training

The Payment Card Industry Data Security Standards (PCI DSS) is a compliance framework that mandates organizations to protect sensitive cardholder information from security threats. Every organization that processes even one card transaction in a year needs to follow PCI security standards. As an organization going through the PCI DSS compliance journey, you must have the…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales