Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Getting to V1.0 of the NIST Privacy Framework: Workshop #3


NIST will be hosting the third in a series of public workshops on the development of the Privacy Framework: An Enterprise Risk Management Tool on July 8th-July 9th in Boise, Idaho. We thank Boise State University for hosting this two-day event, where attendees will have an opportunity to actively engage in facilitated discussions to advance the development of the framework. Participants are encouraged to review the supplemental materials provided below for discussion at the workshop. This workshop will be open to the public.

Join the conversation about this workshop using #PrivacyFramework

CPE credits: The International Association of Privacy Professionals (IAPP) has approved up to 12 CPE credits for attending this workshop. To request credits from IAPP, please use this form.

Supplemental Materials 

NIST developed the following documents based on stakeholder input received since the release of the Privacy Framework Discussion Draft. While the Discussion Draft (and its associated NIST Informative References) remains the current complete working draft of the framework, these latest materials are intended to drive additional feedback about aspects of the Discussion Draft that generated significant dialogue, and will be the main focus of the workshop. NIST will use feedback on these materials to develop a preliminary draft of the framework. For more information about these materials, visit the working drafts page.

Integrated Core (PDF)  Separated Core* (PDF)   Proposed Cores (Excel)  Executive Summary (PDF) Use Case Profiles (PDF) Roadmap Topics (PDF) Glossary (PDF)

*Note: the Separated Core was updated on July 3, 2019, to correct the subcategory text in CM.AW-P8.

101 webinar Video

A recording of the NIST Privacy Framework 101 Webinar: Preparing for Workshop #3 is available here to help you get ready to engage at the event. 

MOBILE WORKSHOP GUIDE

We're excited to announce we have a mobile guide for you to use on Guidebook! Get the guide to conveniently access information about our workshop, including schedules and maps.  

Get our guide here: https://guidebook.com/g/nistpfworkshop3/

Android and iOS users:

  1. Tap the "Download" usa-button to download the free Guidebook app
  2. Open Guidebook and you can find our " Getting to V1.0 of the NIST Privacy Framework: Workshop #3 " guide

Please note that in order to use the app, attendees will have to submit their name and email to create a Guidebook account and will be subject to Guidebook’s privacy policy. Use of this third-party app is completely optional. All workshop information available on the app is also provided on the workshop’s event page.

VENUE INFORMATION

Workshop Location

Boise State Student Union
1700 W University Drive, Boise, ID  83725 (Google maps link)

Lodging

For information on lodging, please visit Boise State University’s website.

Food

A map of nearby food options is provided.

Parking

Please note: You will need to pay for parking. parking map is provided to indicate the nearest parking garage, the Lincoln Garage. 
Lincoln Parking Garage
intersection of W. University Drive and S.Lincoln Ave (Google maps link)

ABOUT THE NIST PRIVACY FRAMEWORK

For more information about the NIST Privacy Framework, please visit the NIST Privacy Framework website. To receive periodic updates about the process and opportunities to engage, subscribe to the NIST Privacy Framework mailing list.

Agenda (Printable PDF; last updated July 5th) 

Agenda: Day 1 (July 8)

Time

Topic

7:30 AM

Registration Opens
Jordan Ballroom Lobby, Boise State Student Union (2nd Floor)
1700 W University Dr., Boise, ID, 83725

8:30 AM

Plenary Opening Remarks
Jordan D Ballroom

  • Steven Feldstein, Frank and Bethine Church Chair of Public Affairs and associate professor, Boise State University
  • Kevin Stine, Chief of the Applied Cybersecurity Division, NIST

8:45 AM

Panel #1: Discussing the Privacy Framework with NIST
This panel will introduce the supplemental materials for the workshop. Engage with NIST leadership to learn more about the NIST Privacy Framework process and the approach taken in these materials.

Panelists:

  • Donna Dodson, Chief Cybersecurity Advisor, NIST
  • Naomi Lefkovitz, Senior Privacy Policy Advisor, NIST
  • Adam Sedgewick, Senior IT Policy Advisor, NIST
  • Kevin Stine, Chief of the Applied Cybersecurity Division, NIST

10:00 AM

Break

10:15 AM

Panel #2: Getting to Implementation and Beyond
Hear from expert practitioners from various sectors about the implementation path for the NIST Privacy Framework. Panelists will discuss how their organizations are considering use of the framework with their current processes, the relationship between the framework and the development of a skilled and multilayered privacy workforce, and how the framework could be used to meet organizations’ needs across sectors and jurisdictions. Panelists will share their perspectives on additional framework improvements to increase usability and provide a foundation for further progress in privacy protection.

Moderator: Jamie Danker, Director of Privacy, Easy Dynamics, Corp.

Panelists:

  • Caitlin Fennessy, Senior Privacy Fellow, International Association of Privacy Professionals
  • Tim McIntyre, Associate General Counsel, Privacy & Product, Okta
  • Dylan Gilbert, Policy Fellow, Public Knowledge

11:30 AM

Rules of Engagement

11:45 AM – 1:15 PM

Lunch  
On your own | Dining options available in the workshop vicinity.

1:15 PM –

2:45 PM

Working Session #1
Working sessions 1, 2, 3, and 6 will help NIST determine the path forward for the forthcoming Preliminary Draft of the Privacy Framework through an in-depth discussion of the supplemental materials:

See badge for assigned room.

2:45 PM

Break

3:00 PM – 4:30 PM

Working Session #2
Continue discussions from working session #1. Return to same room as session #1.

4:30 PM

Adjourn

Agenda: Day 2 (July 9)

Time

Topic

8:30 AM

 

Working Session #3
Continue discussions from working session #2. Return to same room as session #2.

11:15 AM

Break

11:30 AM – 12:30 PM

Working Session #4 (concurrent sessions)
Choose one of the following four topics. All topics will repeat in session 5.

Roadmap
Room: Hatch A

Emerging technologies, confidence mechanisms, and more – what are the challenges for privacy and the actions needed to address them? Discuss the Proposed Roadmap Topic Areas  (PDF link) to help build a roadmap for the Privacy Framework.

Roles
Room: Jordan A

Would integrating workforce roles into the Privacy Framework improve organizational collaboration and make the Framework easier to use? How might those roles be categorized and assigned? This session will focus on who uses the Privacy Framework and how to communicate this better.

Bridging Communication, Building Collaboration
Room: Jordan B

How do organizations create dialogue between disparate parts of the organization and broader ecosystem that speak different languages? This session will consider Profiles as a tool for bridging communication gaps and building collaboration, and how to best present the concept in the Privacy Framework.

Use Case Profiles | PDF link

Use Case Exercise
Room: Jordan C

Engage in a hypothetical use case exercise to stress test the NIST Privacy Framework.

12:30 PM -1:45 PM

Lunch
On your own | Dining options available in the workshop vicinity.

1:45 PM – 2:45 PM

Working Session #5 (concurrent sessions)
Choose one of the following four topics. Note: These are repeated from session #4.

Roadmap

Room: Hatch A

Roles

Room: Jordan A

Bridging Communication, Building Collaboration

Room: Jordan B

Use Case Exercise

Room: Jordan C

2:45 PM – 3:45 PM

Working Session #6
Continue discussions from working session #3. Return to same room as session #3.

3:45 PM

Break

4:00 PM

Recap

Jordan D Ballroom

Hear about the main takeaways from the workshop, directly from the working session facilitators.

Moderator: Adam Sedgewick, Senior IT Policy Advisor, NIST

Panelists:

  • Matt Barrett, Chief Operating Officer, Cyber Engineering Services Inc.
  • Rebecca Herold, Owner & CEO, Rebecca Herold & Associates, LLC
  • Julie Snyder, Principal/Privacy Domain Capability Area Lead, The MITRE Corporation
  • Nadya Bartol, Associate Director, Boston Consulting Group Platinion, Boston Consulting Group

4:20 PM

Next Steps

  • Naomi Lefkovitz, Senior Privacy Policy Advisor and Lead, Privacy Framework, NIST
  • Ellen Nadeau, Deputy Manager, Privacy Framework, NIST

4:30 PM

Adjourn

Created May 14, 2019, Updated July 23, 2019