Glossary

A

A B C D E F G H I L M N O P R S U V W

Description: The process of gathering data through direct interaction with sources or systems.
Origin: Common data management practice with no specific enactment date.
Impacts Data Types: User inputs, sensor data, transactional records.
Examples: Surveys, web form submissions, IoT device readings.
Potential Fines: Varies depending on jurisdiction and applicable data protection laws.

Description: Alabama legislation addressing data privacy and protection requirements for businesses.
Origin: Enacted in 2023; effective January 1, 2024.
Impacts Data Types: Personal identifying information (PII), financial data.
Examples: Data breach notification mandates, consumer data rights.
Potential Fines: Penalties up to $50,000 per violation.

Description: Alaska House Bill focusing on consumer data protection and privacy rights.
Origin: Enacted in 2022; effective July 1, 2023.
Impacts Data Types: Consumer personal data, health information.
Examples: Data access requests, opt-out provisions.
Potential Fines: Fines up to $100,000 per violation.

Description: Arizona Senate Bill establishing guidelines for data privacy and consumer protections.
Origin: Enacted in 2023; effective March 1, 2024.
Impacts Data Types: Personal data, biometric data.
Examples: Consent requirements, data breach notifications.
Potential Fines: Up to $75,000 per violation.

Description: Arkansas Senate Bill regulating data privacy practices and consumer rights.
Origin: Enacted in 2022; effective January 1, 2023.
Impacts Data Types: Personal information, health data.
Examples: Data security requirements, consumer access rights.
Potential Fines: Penalties up to $60,000 per violation.

Description: Security measures implemented to protect data from unauthorized access or disclosure.
Origin: Defined in HIPAA Security Rule; ongoing regulatory guidance.
Impacts Data Types: Electronic protected health information (ePHI), sensitive data.
Examples: Encryption, access controls, audit controls.
Potential Fines: Fines vary based on compliance failures; up to $1.5 million per year for violations.

Description: Legal principle protecting confidential communications between attorneys and their clients.
Origin: Established through common law; varies by jurisdiction.
Impacts Data Types: Legal documents, communication records.
Examples: Privileged emails, legal advice notes.
Potential Fines: Not typically subject to fines but breach may impact legal proceedings.

Description: A chronological record showing the sequence of activities affecting a specific operation or event.
Origin: Standard practice in compliance and security; no formal enactment date.
Impacts Data Types: Logs, transaction records, access records.
Examples: User access logs, change history in databases.
Potential Fines: Fines depend on regulatory requirements and breach impact.

Description: Auditing is the process of reviewing and verifying an organization’s controls, policies, and practices to ensure compliance.
Origin: This is a standard professional practice and not a regulation with a formal enactment or enforcement date.
Impacts Data Types: Security policies and access logs.
Examples: HIPAA compliance audits and financial audits.
Potential Fines: Regulatory fines differ by statute, with penalties of up to $150,000 for each HIPAA violation.

A B C D E F G H I L M N O P R S U V W