Data Discovery & Compliance Glossary

Understanding data discovery and compliance terms

We have utilized our extensive data discovery knowledge and experience to assemble an easy-to-reference glossary of critical data discovery and compliance terminology. Whether you’re an experienced data protection officer or new to the data discovery scene, our glossary page is here to provide you with the knowledge you need.

A

Access Control

The process of identifying and analyzing who has access permissions to sensitive and PII data, and taking action to manage permissions to that data to reduce risk of exposure.

Achieving PCI DSS Compliance

Adhering to a set of requirements intended to ensure all companies that store, process, or transmit credit card information maintain a safe and secure environment.

Australia Data Protection Law

A set of rules developed in 1988 in order to protect and promote the privacy of individuals in Australia as well as regulate how organizations handle personal information.

Australian CDR

A document that demonstrates your ability as an engineer to meet Australian consumer data rights standards.

B

BIN Number

Refers to a set of four to six numbers that appear on a payment card and identifies the institution that issues the card.

C

Card Data Discovery

A way to identify card information across files, work locations, and servers. Learn more about Card Data Discovery.

Cardholder Data Discovery

A way to identify cardholder information across files, work locations, and servers, databases, emails, on-premise and cloud storage. Learn more about Cardholder Data Discovery.

CCPA Compliance

A statewide data privacy law that regulates how businesses all over the world are allowed to handle the personal information (PI) of California residents. Learn more about CCPA compliance.

CCPA Data

Information defined as PI and is protected under the California Consumer Privacy Act.

CHD Discovery

An abbreviation for cardholder data discovery and refers to identifying cardholder information across files, work locations, and servers, databases, emails, on-premise and cloud storage.

Credit Card Data Discovery

A way to identify card information across files, work locations, servers, databases, emails, on-premise and cloud storage.
Credit Card Processing Compliance - Adhering to the rules and regulations set forth by PCI DSS to ensure all credit card information is maintained in a safe and secure environment.

Credit Card Processing Compliance

Adhering to the rules and regulations set forth by PCI DSS to ensure all credit card information is maintained in a safe and secure environment. 

D

Data Classification

The process of organizing data into relevant categories so that it can be used and protected more efficiently.

Data Compliance Software

A tool used to identify sensitive data and ensure that it’s handled securely.

Data Discovery

A term used to describe the process of analyzing data from various sources and consolidating results into a single source that can be evaluated. Learn more about data discovery.

Data Intelligence

Refers to all the analytics tools, methods and processes companies employ in order to form a better understanding of the information they collect.

Data Reconciliation

A term used to describe the verification phase of data migration where the target data is compared against the original source data to ensure that the migration architecture transferred the data correctly.

Database Auditing

The monitoring, recording, and observing of selected user database actions, typically intended for security purposes.

Dcode Luhn

A checksum formula used to validate a variety of identification numbers like credit card numbers and National Provider Identifier numbers in the United States.

DSS Compliance

Adhering to a set of requirements intended to ensure all companies that store, process, or transmit credit card information maintain a safe and secure environment. Also known as PCI DSS compliance. Learn more.

F

File Analysis Software

A tool used to help users create a comprehensive understanding of an organization’s file structure.

G

GDPR Compliance

Adhering to a set of rules and regulations that requires businesses to protect the personal data and privacy of EU citizens. Learn more about GDPR compliance.

H

HIPAA Compliance

An outlined set of rules that healthcare organizations need to follow and implement to protect the privacy, security, and integrity of protected health information (PHI). Learn more about HIPAA compliance.

HIPAA Security Rule

A set of national standards to protect an individual's electronic personal health information or ePHI and outlines the appropriate security measures covered entities need to implement.

L

LGPD Compliance

A set of rules and regulations that attempts to unify over 40 different statutes that govern personal data and protect the sensitive information of Brazilian citizens. Learn more about LGPD compliance.

N

NDB Australia

An abbreviation for notifiable data breaches, this is a rule set forth by the Australian government that says organizations are required to submit a notification of a data breach to the Australian Commissioner and notify individuals as soon as possible.

New Zealand Data Privacy Law

Also referred to as The Privacy Act 2020, this law mandates how agencies based in New Zealand, or those that do business with New Zealand citizens, collect, use, disclose, store, retain, and give access to personal information.

NRIC

An abbreviation for the National Registration Identity Card which is an identity document issued to citizens and permanent residents of Singapore.

P

Payment Card Compliance

Refers to the technical and operational standards that businesses follow to secure and protect credit card data provided by cardholders and transmitted through card transactions.

PCI Compliance

Adhering to a set of requirements intended to ensure all organizations store, process, and transmit credit card data to maintain a secure environment. Learn more about PCI compliance.

PDPA Compliance

A data protection law of Singapore that was created to better protect the personal data of individuals in Singapore. Learn more about PDPA compliance.

PHI

An abbreviation for protected health information, referring to any information about health status, health care, or payment for healthcare that is collected by a covered entity.

PI

An abbreviation for personal information, also known as personally identifiable information (PII). This is any data that could potentially be used to identify a particular person.

PII

An abbreviation for personally identifiable information, this is any data that could potentially be used to identify a particular person.

PIPEDA Compliance

Also known as Personal Information Protection and Electronic Documents Act, this is Canada’s main federal law relating to privacy in the private sector. Learn more about PIPEDA compliance.

R

Remediation

The act of securing sensitive data identified during the data discovery process by encrypting, obscuring (masking), quarantining, or deleting obsolete data.

Risk mapping

The process of mapping sensitive data to organization-defined classification tags and risk scores to identify and focus on the highest risk locations. 

S

Sensitive Personal Data

A piece of data that falls into special categories that require extra security like racial or ethnic origin, political opinions, religious beliefs, genetic data, or biometric data.