On January 16, 2020 NIST released their first framework developed specifically for managing privacy risk, Version 1.0 of the NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management. According to NIST, the framework is a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy. 

Learn how to implement NIST’s new framework into your privacy program in this webinar.

As technologies continue to evolve and the importance of data privacy and protection grow across the globe, it’s important for organizations processing and handling personal information to be responsible stewards of that data. In order to help organizations maintain the balance of innovation and privacy, the NIST Privacy Framework is intended to help organizations better manage privacy risks that could potentially occur and demonstrate and maintain compliance with global privacy laws, like the EU’s GDPR and the California Consumer Privacy Act (CCPA).  

The Privacy framework is closely modeled after the well-known NIST Cybersecurity Framework and is designed to complement one another.  NIST describes the Privacy Framework as enabling better privacy engineering practices that support privacy by design concepts to help organizations protect individuals’ privacy. The Privacy Framework can support organizations in: 

Composed of three partsCore, Profiles, and Implementation Tierseach component of the framework reinforces how organizations manage privacy risk through the connection between business or mission drivers, organizational roles and responsibilities, and privacy protection activities. 

 To learn more about the NIST Privacy Framework you can read NIST’s summary here. Or access the NIST Privacy Framework Roadmap here. Sign up for the Web Conference: NIST’s New Privacy Framework: Everything You Need to Know here.