E - I
EU/US Privacy Shield and Swiss/US Privacy Shield
The EU/US and Swiss/US Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection ...
Hague Convention: On the Service Abroad of Judicial and Extra-Judicial Documents in Civil or Commercial Matters
The Hague Convention on the Service Abroad of Judicial and Extrajudicial Documents in Civil or Commercial Matters was concluded on November 15, 1965 to ensure that judicial and extrajudicial documents are served abroad with sufficient notice and in a ...
Informed Consent
The process by which an entity discloses appropriate information to allow an individual to competently make a voluntary choice to accept or refuse, in whole or in part, the collection, disclosure and/or processing of their personal information based ...
Inter-American Convention on Letters Rogatory and Additional Protocol (IACAP)
A pair of international agreements designed to facilitate judicial assistance between countries.
Encrypt
Convert data into a cipher or code, especially to prevent unauthorized access. Typically done using a specialized software package or tool.
Escalation Plan
A set of procedures that specifies the actions to be taken to respond to an incident, specifically who in the organization is to be contacted and at what point.
Hash
The process of generating a string of numbers from a string of text, which ensures that a string of the same text values will not equal the same numerical values. The importance of hashing is that the hashed value cannot be transformed back into ...
Incident Response Plan (IRP)
A plan that lays out an organized approach to addressing and managing the aftermath of a security breach or attack. It should define, in specific terms, what constitutes an incident and provide a systematic process that should be followed when an ...
Internet Protocol Address
A unique string of numbers that identifies a computer on the Internet or other TCP/IP network. The IP address is expressed in four groups of up to three digits, separated by periods. For example: 555.555.55.5. An address may be "dynamic," ...
International Association of Privacy Professionals (IAPP)
The International Association of Privacy Professionals (IAPP) is a resource for professionals who want to develop and advance their careers by helping their organizations successfully manage these risks and protect their data. The IAPP is the world’s ...
Information Security
The protection of information for the purposes of preventing loss, unauthorized access and/or misuse. It is also the process of assessing threats and risks to information and the procedures and controls to preserve confidentiality, integrity and ...
ID Stay Safe™ Resource
Consumers and businesses search this site for businesses that have successfully completed the Readiness program, demonstrating their commitment to protecting personal data.
Health Insurance Portability and Accountability Act (HIPAA)
A U.S. law passed to create national standards for electronic healthcare transactions, among other purposes. HIPAA required the U.S. Department of Health and Human Services to promulgate regulations to protect the privacy and security of personal ...
Health Information Technology for Economic and Clinical Health Act (HITECH)
Enacted as part of the American Recovery and Reinvestment Act of 2009, the HITECH Act, among other objectives, further addresses privacy and security issues involving PHI as defined by HIPAA. The HITECH privacy provisions include the introduction ...
Gramm-Leach-Bliley Act (GLBA)
The commonly used name for The Financial Services Modernization Act of 1999. The act re-organized financial services regulation in the United States and applies broadly to any company that is “significantly engaged” in financial activities in the ...
Gap Analysis
Performed to determine the capability of current privacy management to support each of the business and technical requirements uncovered during an audit or privacy assessment, if any exist; requires reviewing the capabilities of current systems, ...
Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99)
A U.S. federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.
Encryption
The process of obscuring information, often through the use of a cryptographic scheme in order to make the information unreadable without special knowledge; i.e., the use of code keys.