Data Discovery & Compliance Glossary
Understanding data discovery and compliance terms
We have utilized our extensive data discovery knowledge and experience to assemble an easy-to-reference glossary of critical data discovery and compliance terminology. Whether you’re an experienced data protection officer or new to the data discovery scene, our glossary page is here to provide you with the knowledge you need.
The process of identifying and analyzing who has access permissions to sensitive and PII data, and taking action to manage permissions to that data to reduce risk of exposure.
Achieving PCI DSS Compliance
Adhering to a set of requirements intended to ensure all companies that store, process, or transmit credit card information maintain a safe and secure environment.
Australia Data Protection Law
A set of rules developed in 1988 in order to protect and promote the privacy of individuals in Australia as well as regulate how organizations handle personal information.
A document that demonstrates your ability as an engineer to meet Australian consumer data rights standards.
Refers to a set of four to six numbers that appear on a payment card and identifies the institution that issues the card.
Card Data Discovery
A way to identify card information across files, work locations, and servers. Learn more about Card Data Discovery.
Cardholder Data Discovery
A way to identify cardholder information across files, work locations, and servers, databases, emails, on-premise and cloud storage. Learn more about Cardholder Data Discovery.
A statewide data privacy law that regulates how businesses all over the world are allowed to handle the personal information (PI) of California residents. Learn more about CCPA compliance.
Information defined as PI and is protected under the California Consumer Privacy Act.
An abbreviation for cardholder data discovery and refers to identifying cardholder information across files, work locations, and servers, databases, emails, on-premise and cloud storage.
Credit Card Data Discovery
A way to identify card information across files, work locations, servers, databases, emails, on-premise and cloud storage.
Credit Card Processing Compliance - Adhering to the rules and regulations set forth by PCI DSS to ensure all credit card information is maintained in a safe and secure environment.
Credit Card Processing Compliance
Adhering to the rules and regulations set forth by PCI DSS to ensure all credit card information is maintained in a safe and secure environment.
The process of organizing data into relevant categories so that it can be used and protected more efficiently.
Data Compliance Software
A tool used to identify sensitive data and ensure that it’s handled securely.
A term used to describe the process of analyzing data from various sources and consolidating results into a single source that can be evaluated. Learn more about data discovery.
Refers to all the analytics tools, methods and processes companies employ in order to form a better understanding of the information they collect.
Data Protection Officer (DPO)
A security leadership role responsible for overseeing a company’s data protection strategy and enforcing data compliance requirements.
A term used to describe the verification phase of data migration where the target data is compared against the original source data to ensure that the migration architecture transferred the data correctly.
The monitoring, recording, and observing of selected user database actions, typically intended for security purposes.
A checksum formula used to validate a variety of identification numbers like credit card numbers and National Provider Identifier numbers in the United States.
Adhering to a set of requirements intended to ensure all companies that store, process, or transmit credit card information maintain a safe and secure environment. Also known as PCI DSS compliance. Learn more.
File Analysis Software
A tool used to help users create a comprehensive understanding of an organization’s file structure.
Adhering to a set of rules and regulations that requires businesses to protect the personal data and privacy of EU citizens. Learn more about GDPR compliance.
An outlined set of rules that healthcare organizations need to follow and implement to protect the privacy, security, and integrity of protected health information (PHI). Learn more about HIPAA compliance.
HIPAA Security Rule
A set of national standards to protect an individual's electronic personal health information or ePHI and outlines the appropriate security measures covered entities need to implement.
A set of rules and regulations that attempts to unify over 40 different statutes that govern personal data and protect the sensitive information of Brazilian citizens. Learn more about LGPD compliance.
An abbreviation for notifiable data breaches, this is a rule set forth by the Australian government that says organizations are required to submit a notification of a data breach to the Australian Commissioner and notify individuals as soon as possible.
New Zealand Data Privacy Law
Also referred to as The Privacy Act 2020, this law mandates how agencies based in New Zealand, or those that do business with New Zealand citizens, collect, use, disclose, store, retain, and give access to personal information. Learn more here.
An abbreviation for the National Registration Identity Card which is an identity document issued to citizens and permanent residents of Singapore.
Payment Card Compliance
Refers to the technical and operational standards that businesses follow to secure and protect credit card data provided by cardholders and transmitted through card transactions.
Adhering to a set of requirements intended to ensure all organizations store, process, and transmit credit card data to maintain a secure environment. Learn more about PCI compliance.
A data protection law of Singapore that was created to better protect the personal data of individuals in Singapore. Learn more about PDPA compliance.
An abbreviation for protected health information, referring to any information about health status, health care, or payment for healthcare that is collected by a covered entity.
An abbreviation for personal information, also known as personally identifiable information (PII). This is any data that could potentially be used to identify a particular person.
Referring to a wide range of personal information on a given individual, collected through a range of structured and unstructured data stores.
An abbreviation for personally identifiable information, this is any data that could potentially be used to identify a particular person.
Also known as Personal Information Protection and Electronic Documents Act, this is Canada’s main federal law relating to privacy in the private sector. Learn more about PIPEDA compliance.
The act of securing sensitive data identified during the data discovery process by encrypting, obscuring (masking), quarantining, or deleting obsolete data.
The process of mapping sensitive data to organization-defined classification tags and risk scores to identify and focus on the highest risk locations.
Sensitive Personal Data
A piece of data that falls into special categories that require extra security like racial or ethnic origin, political opinions, religious beliefs, genetic data, or biometric data.