Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Hypothetical Use Cases

 

NIST has developed these hypothetical use cases to improve understanding of how to develop Profiles to increase collaboration and dialogue across organizations and support risk-based decisions. If you’d like to share a real implementation success story, contact us. They provide examples of how an organization might develop its Profiles using the Ready, Set, Go model in Section 3.3 of the Privacy Framework. There is no set model or format for developing Profiles, so each organization may select what works best for its environment and communication style. Moreover, these hypothetical Profiles are not intended to be comprehensive or cover every Category or Subcategory that an organization may select in a given scenario; they are designed merely to provide illustrations of how the Privacy Framework Core could be used.

A Simplified Method for Establishing or Improving a Privacy Program

Ready: use the Identify-P and Govern-P Functions to get “ready.”
Set: “set” an action plan based on the differences between Current and Target Profile(s).
Go: “go” forward with implementing the action plan.

Hypothetical #1: Compliance-oriented Large Organization

Hypothetical #1 (PDF)

Hypothetical #2: Small Business without an Established Privacy Program

Hypothetical #2 (PDF)

Created January 8, 2020, Updated January 16, 2020