It is a challenge to design, operate, or use technologies in ways that are mindful of diverse privacy needs in an increasingly connected and complex environment. Deriving benefits from data while simultaneously managing risks to individuals’ privacy is not well-suited to one-size-fits-all solutions.
While good cybersecurity practices help manage privacy risk by protecting people’s data, privacy risks also can arise from how organizations process data to meet their mission or business objectives.
The National Institute of Standards and Technology (NIST) is developing a voluntary privacy framework to help organizations with:
- Building customer trust by supporting ethical decision-making in product and service design or deployment that optimizes beneficial uses of data while minimizing adverse consequences for individuals’ privacy and society as a whole;
- Fulfilling current compliance obligations, as well as future-proofing products and services to meet these obligations in a changing technological and policy environment; and
- Facilitating communication about privacy practices with customers, assessors, and regulators.
For more information, see the Privacy Framework fact sheet.
See the latest press release about the effort.
Check out the latest blog post about the effort.
To receive periodic updates about the process and opportunities to engage, subscribe to the Privacy Framework mailing list.