If you would like to provide written feedback to inform NIST's work on privacy risk assessments, please email your thoughts to privacyeng [at] nist.gov by Friday, June 30, 2017. The below deck provides discussion questions used during the breakout sessions at the NIST Privacy Risk Assessment Workshop to guide your feedback (slides 15 & 17), along with background slides. Please email us with any questions.
About the workshop: As part of an ongoing series of workshops on privacy engineering and risk management, NIST will host a public workshop on June 5th in Gaithersburg, Maryland on privacy risk assessments. This workshop builds off the concepts introduced in January 2017 in NIST Internal Report 8062 (An Introduction to Privacy Engineering and Risk Management in Federal Systems). Participants will discuss the function of privacy risk assessments as a prerequisite for conducting privacy risk management, and the role of privacy risk models. This discussion will assist NIST in the development of a body of guidance on privacy risk management aligned with NIST guidance on cybersecurity risk management.
Who should attend: System design, security, and privacy engineers, security and privacy officers, and security and privacy subject matter experts should attend this interactive workshop. Public and private sector attendees and academics welcome.
CPE credits: IAPP has approved this workshop for 3.8 CPE credits. See instructions here for obtaining the CPE credit:
9:40: Breakout session #1, The relevance and role of risk models in privacy
11:20: Breakout session #2, Necessary guidance and tools for privacy implementation
If you are not registered, you will not be allowed on site. Registered attendees will receive security and campus instructions prior to the workshop.
NON U.S. CITIZENS PLEASE NOTE: All foreign national visitors who do not have permanent resident status and who wish to register for the above meeting must supply additional information. Failure to provide this information prior to arrival will result, at a minimum, in significant delays in entering the facility. Authority to gather this information is derived from United States Department of Commerce Department Administrative Order (DAO) number 207-12. The required NIST-1260 form will be available during registration. *New Visitor Access Requirement: Effective July 21, 2014, Under the REAL ID Act of 2005, agencies, including NIST, can only accept a state-issued driver’s license or identification card for access to federal facilities if issued by states that are REAL ID compliant or have an extension. For further details, please visit: https://www.nist.gov/about-nist/visit/campus-access-and-security