Privacy Principle

One of the 5 Trust Services Criteria of SOC 2 audits. Including the Privacy Principle in your SOC 2 audit report ensures that your organization is handling client data in accordance with any commitments in the privacy notice as committed or agreed upon. The Privacy Principle also demonstrates that you’re handling client data in accordance with criteria issued by the AICPA, including management, notice, choice and consent, collection, use retention and disposal, access, disclosure to third parties, security, quality, and monitoring and enforcement.