Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Kicking off the NIST Privacy Framework: Workshop #1


NIST Privacy Workshop
NIST Privacy Workshop


This is the first in a series of public workshops NIST is hosting on the development of the Privacy Framework: An Enterprise Risk Management Tool. In this half-day event, on October 16th, in Austin, Texas, attendees will hear from NIST representatives what to expect from the framework development process. They will learn from panels of experts how organizations are currently managing privacy risks, and where the challenges lie. The workshop also will be an opportunity to begin the discussion of how the NIST Privacy Framework can meet organizations’ needs to better protect individuals’ privacy. NIST plans to use the interactive discussions at this workshop as input to an annotated outline of the Privacy Framework. This event takes place just before IAPP’s Privacy. Security. Risk. conference begins! This will be one of several in-person opportunities to engage with NIST on the development of this framework – please sign up for our mailing list to receive announcements about future events. Join the conversation about this workshop using #PrivacyFramework. A recording of this workshop will be posted shortly after the event.

Workshop Inputs: Supplemental, pre-read material (PDF link below)

Expected Workshop Outputs: Annotated outline of the Privacy Framework

For more information on transportation, lodging and dining, please visit Austin, Texas Visitor Center or IAPP's conference website.

Workshop Materials

Supplemental Material (PDF)  Slides (PDF)  Workshop Summary (PDF)

NIST Privacy Framework

For more information regarding this effort, visit the NIST Privacy Framework website.

Privacy Framework Website

Full Agenda PDF

* Agenda updated on October 11, 2018

Opening Remarks

Donna Dodson, Chief Cybersecurity Advisor, NIST

Panel Discussion #1: Introduction to the Privacy Framework

Learn about NIST’s objectives and the process for developing the Privacy Framework. Take the opportunity to ask questions of NIST leadership on this effort.


  • Naomi Lefkovitz, Senior Privacy Policy Advisor, NIST
  • Donna Dodson, Chief Cybersecurity Advisor, NIST
  • Kevin Stine, Chief of the Applied Cybersecurity Division, NIST

Panel Discussion #2: Attributes of the Privacy Framework

Panelists will share cross-sector perspectives on what needs the Privacy Framework should address, as well as key attributes and structure of an effective privacy framework. Discussion topics will include: characteristics of a risk- and outcome-based privacy framework, creating a framework that’s understandable by non-privacy professionals, and supporting organizations’ ability to operate in different jurisdictions.

Moderator: Marc Groman, Principal, Groman Consulting Group LLC


  • Ron Whitworth, Senior Vice President and Chief Privacy Officer, SunTrust
  • Kent Landfield, Chief Standards and Technology Policy Strategist, McAfee
  • Sarah Morrow, Chief Privacy Officer, Texas Health and Human Services
  • Michelle Dennedy, Vice President and Chief Privacy Officer, Cisco


Panel Discussion #3: Core Privacy Practices

Panelists will explore practices for inclusion in the NIST Privacy Framework. Panelists will leverage their own experiences implementing different privacy practices and discuss the maturity of these practices, gaps, and how to structure a framework to help advance implementation of better privacy solutions.

Moderator: Rebecca Herold, CEO, The Privacy Professor; Founder, SIMBUS, LLC


  • Sagi Leizerov, Chief Data Solutions Officer, Prifender
  • Charlie Cabot, Research Lead, Privitar
  • Maritza Johnson, UX Principal, Good Research; Researcher, ICSI
  • Michelle Richardson, Director, Privacy and Data Project, Center for Democracy and Technology (CDT)

Recap of the Day and Next Steps

Kevin Stine, Chief, Applied Cybersecurity Division, NIST

Full Agenda PDF

Created August 20, 2018, Updated June 26, 2020