The Department of Commerce’s National Institute of Standards and Technology (“NIST”) announced in early September intention to create a Privacy Framework. This Privacy Framework would provide voluntary guidelines that assist organizations in managing privacy risks. The NIST announcement recognized that the Privacy Framework is timely because disruptive technologies, such as artificial intelligence and the internet of things, not only enhance convenience, growth, and productivity, but also require more complex networking environments and massive amounts of data.
Building on the success of the NIST Cybersecurity Framework, the Privacy Framework is meant to be a transparent, enterprise-level tool that helps organizations prioritize resources and strategies in order to create flexible, risk-based privacy solutions. Deliberations between industry, civil society groups, academic institutions, federal, state, and local government entities, standard-setting organizations, and others kicked off with a workshop in Austin, Texas on October 16th, which set the stage by examining how organizations currently manage privacy risks, identifying where the challenges lie, and determining how the Privacy Framework can help organizations meet such challenges.
Ms. Lefkovitz stressed the benefits of the NIST Privacy Framework as it is currently imagined, including:
Read more here