R - Z
Readiness
Helps your business improve the way it handles personal information and identifies potential privacy or security deficiencies. It then provides a prioritized remediation schedule to fill the gaps in your privacy policies and practices.
Right To Erasure (‘Right to be Forgotten’)
The right of a data subject to require the data controller to erase personal data concerning him or her without undue delay. The controller has the obligation to erase personal data without undue delay where: 1) the personal data are no longer necessary ...
Risk Assessment Factors (IAPP)
Number of breaches; number of outages; unauthorized access; lost assets; software viruses; investigations.
Supervisory Authority
Each member state must establish one or more independent public authorities, known as the ‘supervisory authority’, that is responsible for monitoring the application of the GDPR within their state.
Truncate
To shorten by cutting off a part; cut short.
Vulnerability Assessment
Also known as vulnerability analysis, a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure.
Redacted
Hides or removes parts of text before publication, distribution, storage, or examination.
Right of Access
Generally, the right of individuals to obtain data about themselves from data controllers or data owners upon request. The right of access can also be interpreted to represent an individual’s ability to modify, correct, erase, or transfer ...
Security Safeguards
A fair information principle stating that personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, use, modification or disclosure of data.
Sensitive Personal Information/Data (High Risk Data)/Special Categories of Data
(US) Sensitive personal information is generally synonymous with high risk data. The data, should it suffer loss of confidentiality, integrity, or availability, could have a significant detrimental or adverse impact to both the business (firm) and ...
Shadow Data
Data which is being recorded over the Internet through channels like email, social media, Web browsing and online transactions, and indirectly via point-of-sale terminals, and mobile GPS. It is created when an individual sends an email, updates a ...
Software Reformatting
Use of special software to write patterns of meaningless data onto each of the drive’s sectors.
Storage Encryption
The use of encryption to protect stored or backed-up data both in transit and in the storage medium to provide an additional layer of security.
Third Party
(US) Someone not directly involved in a transaction. A third entity in addition to the first party and second party relationship, such as a seller and customer. A Seller may employ a third party to perform specific services to augment the value of a ...
Third-Party Vendor
Term used in the Privacy Practices to represent entities that a Vendor, who has been directly hired by the firm, might hire to assist them with a task or service.
Vendor
The entity that maintains, collects, stores and/or processes data that it does NOT own or license. A vendor (and its third-party vendors) performs services as initially directed/requested by the Data Controller or Data Owner. Vendors are also known ...
Web Beacon
An often transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a website or in an email and used to monitor the behavior of the user visiting the website or sending the email. It is often used in combination ...
Record Retention
The storage and destruction of information records, both paper and electronic.
Record Retention Policy
Covers all aspects of a company’s policies and procedures in dealing with the storage and destruction of information records, both paper and electronic.
Risk Assessment
A systematic process of evaluating the potential risks that may be involved in a projected activity or undertaking. In other words, identify potential hazards and analyze what could happen if a hazard occurs, specifically as it pertains to data ...
Use
Describes what the company does with the personally identifiable information (PII) it collects. It is critical that the business only use the collected PII in the manner described in the “Use” section of the Privacy Policy.
SPAM
Unsolicited commercial e-mail.
Social Engineering
A general term for how attackers can try to persuade a user to provide information or create some other sort of security vulnerability.
Sectoral Laws/Model
Laws that exist only in areas where the legislative body has found a particular need.