NIST Launches Development of Voluntary Privacy Risk Management Framework
The National Institute of Standards and Technology (NIST) has launched a collaborative effort to develop a voluntary framework that will help organizations manage privacy risks and protect consumer privacy when developing and using innovative technologies. According to NIST, a robust cybersecurity program can help manage risks, but organizations need customizable tools for addressing the challenges posed by an increasingly connected environment. The intent is to “bridge the gaps between privacy professionals and senior executives so that organizations can respond effectively to these challenges without stifling innovation.”
The privacy framework, which will be designed through an open process of stakeholder engagement to provide solutions for a wide range of organizations, is modeled on NIST’s Cybersecurity Framework. Alongside NIST, the National Telecommunications and Information Administration is leading the development of a set of privacy principles in coordination with the International Trade Administration.
Starting in October, NIST will convene a series of workshops to gather input from stakeholders. Organizations that wish to weigh on the direction of the framework can find events here.