Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Past Events
Ready, Set, Update! Privacy Framework 1.1 + Data Governance and Management Profile Workshop
June 25, 2024 | 8:30 AM – 4:30 PM ET | In-person or Virtual
Herbert C. Hoover Building, 1401 Constitution Ave, NW, Washington, DC
June 26, 2024 | 9:00 – 10:30 AM ET | Virtual only breakout sessions
NIST held this hybrid public workshop to inform an update of the NIST Privacy Framework to version 1.1 and the development of a joint NIST Frameworks Data Governance and Management Profile (DGM Profile). With the release of version 2.0 of the NIST Cybersecurity Framework (CSF), NIST intends to make a modest update to the Privacy Framework to support realignment with the CSF. The update also provides an opportunity to ensure the Privacy Framework is still responsive to current privacy risk management needs since its release four years ago.
44th Global Privacy Assembly Istanbul 2022
October 25, 2022 | 2:45 PM – 3:50 PM | In-person | Istanbul, Turkey
Panel 2: Assessment of Emerging Technologies in the Light of Privacy Principles
Moderator: Michael McEvoy, Commissioner, British Columbia Information and Privacy Commission (OIPC), Canada
Panelists:
- Ann Cavoukian, Executive Director, Global Privacy & Security by Design Center
- Alessandra Pierucci, Chair of the Consultative Committee of Convention 108, Council of Europe
- Naomi Lefkovitz, Senior Privacy Policy Advisor Manager, National Institute of Standards and Technology, U.S. Department of Commerce
- Hüseyin Can Aksoy, Associate Professor, Faculty of Law, İhsan Doğramacı Bilkent University
- William Malcolm, Director, Privacy Legal of Google
Measures that can be taken from the initial development of technological systems and throughout their use will be discussed in order to prevent the misuse of personal data, in the balance of protection of personal data and development of artificial intelligence. In this context, privacy impact assessment, privacy by design and default, privacy enhancing technologies will be covered in the light of latest improvements of AI.
NIST Privacy Framework 101: Briefing from the NIST Privacy Engineering Program
June 6, 2022 | 3:30 PM – 5:00 PM PT | In-person
Venable LLP, 101 California Street, Suite 3800, San Francisco, CA 94111
- Jamie Danker, Senior Director of Cybersecurity Services, Venable LLP
- Dylan Gilbert, Privacy Policy Advisor, NIST
The Center for Cybersecurity Policy and Law invited the public to a briefing on the NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management from the National Institute of Standards and Technology’s (NIST) Privacy Engineering Program.
The RSA Conference is “where the world talks security,” and while we know that managing cybersecurity risk contributes to managing privacy risk, it is not sufficient to manage the full scope of privacy risk. The NIST Privacy Framework is a flexible tool, modeled after the NIST Cybersecurity Framework, that organizations can apply in a variety of ways, such as establishing or improving a privacy program, designing privacy into products and services to build better consumer trust, and strengthening organizational accountability through collaboration, communication, and measurable demonstration of regulatory compliance.
NIST provided a NIST Privacy Framework 101 briefing, highlighting how different organizations have been using it, and providing current and upcoming resources to support implementation, and left time in the end for attendees to ask questions.
Please note: The event was opened to the public, however we encouraged everyone to read the additional information about the event.
RSA Conference 2022
June 7, 2022 | 1:15 PM – 2:05 PM PT | San Francisco, California
Caterpillars to Butterflies: Transforming the Privacy Workforce
- Moderator: Dylan Gilbert, Privacy Policy Advisor, NIST
- Panelists:
- Katharina Koerner, Senior Fellow for Privacy Engineering, IAPP
- Juliet Okafor, CEO, RevolutionCyber
- Rebecca Richards, Director of Civil Liberties, Privacy, and Transparency, National Security Agency
In today’s dynamic, data-driven environment, a skilled, knowledgeable, and collaborative workforce capable of managing privacy and security risks is essential. Attendees learned from leading experts how to overcome challenges and utilize tools to transform the organization’s privacy staff from a compliance-oriented team to a cross-organizational, interdisciplinary risk management workforce.
Please note: RSA registration was required in order to attend.
HIMSS 22 Conference
March 15, 2022 | 4:15 PM – 5:15 PM ET | Orlando, FL
The Trust Factor: Privacy Framework Adoption in Healthcare
Dylan Gilbert, Privacy Policy Advisor, NIST
The voluntary NIST Privacy Framework promises to help organizations identify and manage privacy risk and optimize beneficial uses of data while protecting the privacy of individuals. Organizations have been putting this flexible tool into action to meet their unique needs and build trust. A report from the International Association of Privacy Professionals found that more than one-quarter of those surveyed have adopted the NIST Privacy Framework less than a year after its release. It also found that organizations with mature privacy programs, such as many in the healthcare industry, tend to be leveraging the NIST Privacy Framework and Cybersecurity Framework. In this session led by NIST, discover how and why healthcare organizations are implementing the NIST Privacy Framework, as well as the benefits they’re seeing and the lessons learned along the way. Plus, consider whether the NIST Privacy Framework is the missing piece to maturing and scaling up your organization’s privacy program
What attendees learned how to do:
- Assess how and why healthcare organizations are implementing the NIST Privacy Framework.
- Identify implementers’ benefits and lessons learned.
Analyze how the NIST Privacy Framework can help organizations foster and maintain trust in their products or services to drive value and growth.
NCCoE Learning Series Fireside Chat: Managing Privacy Risks with the NIST Privacy Framework
January 27, 2022 | 3:00 – 3:45 PM ET | Virtual
- Nakia Grayson, IT Security Specialist, Privacy Engineering Program, Supply Chain Assurance Project Lead, National Cybersecurity Center of Excellence
- Dylan Gilbert, Privacy Policy Advisor, Privacy Engineering Program, NIST
- Daniel Eliot (moderator), Outreach and Engagement, National Cybersecurity Center of Excellence
Joined the National Cybersecurity Center of Excellence (NCCoE) to celebrate Data Privacy Week 2022. On Thursday, January 27 at 3 p.m. EST, the panelists participated in a fireside chat to explore the NIST Privacy Framework, a voluntary tool designed to help organizations identify and manage privacy risks to build beneficial products and services while protecting individuals’ privacy.
The panelists explored:
- What the Privacy Framework is, how it articulates privacy risk, and how it aligns with the Cybersecurity Framework.
- How the NCCoE incorporates the Privacy Framework and the NIST Privacy Risk Assessment Methodology (PRAM) into their cybersecurity publications.
- How the growing number of Privacy Framework online tools and resources can help organizations implement the Framework in a way that is tailored to their unique goals and requirements.
NCCoE Virtual Workshop on the Cybersecurity of Genomic Data
January 26, 2022 | 11:00 AM – 4:30 PM ET | Virtual
NIST Experiences in Genomics, Cybersecurity, and Privacy from 11:00 - 11:30 AM ET
- Naomi Lefkovitz (NIST)
- Samantha Maragh (NIST)
- Ron Pulivarti (NIST)
The National Cybersecurity Center of Excellence (NCCoE) hosted a virtual workshop on January 26, 2022, from 11:00 AM - 4:30 PM (EST) to explore cybersecurity and privacy risks for genomic data. The event featured presentations by leaders and opportunities for audience participation.
NIST Privacy Framework Webinar
X Marks the Spot: Using Privacy Framework Regulatory Crosswalks to Integrate Compliance and Risk Management
December 1, 2021 | 2:00 – 3:15 PM ET | Virtual
Moderator:
Dylan Gilbert, Privacy Policy Advisor, NIST
Panelists:
R. Jason Cronk, Privacy Engineer, Enterprivacy Consulting Group
Jeewon Serrato, Partner, BakerHostetler
Paulo Vidigal, Partner, Prado Vidigal Advogados
Organizations seeking to leverage data to drive growth and offer innovative products and services can face a unique set of privacy compliance challenges. The legal landscape is complex and dynamic, with a lack of clarity around how to meet certain legal obligations. In addition, many data processing activities remain unregulated. Organizations must manage privacy risks to address these uncertainties.
Would your organization like to use the NIST Privacy Framework, but believes it must focus on meeting compliance obligations? Regulatory crosswalks that map legal requirements to the Privacy Framework Core provide a starting point for integrating compliance and risk management efforts. NIST and a panel of legal experts discussed how organizations can use regulatory crosswalks to implement the framework to:
- Create a foundational privacy program that can be tailored to different jurisdictions
- Bridge the gap between compliance requirements and designing or deploying compliant products and services
Go beyond compliance and take a forward-looking risk management approach to privacy to drive trust, growth, and innovation
IAPP Privacy. Security. Risk. 2021
Join the Team! Insights from NIST's Privacy Workforce Public Working Group
October 21, 2021 | 12:00 – 1:00 PM PT | In-person
Panelists:
Mary Chaney, CIPP/US, Director, Information Security and Privacy, ESPERION Therapeutics
Melanie Ensign, CEO, Discernible
Dylan Gilbert, Privacy Policy Advisor, NIST
J. Trevor Hughes, CIPP, President & CEO, IAPP
A skilled and knowledgeable workforce is a critical pillar of an effective privacy program, but demand is outpacing supply. The NIST Privacy Workforce Public Working Group (PWWG) has gathered hundreds of experts from around the world to create task, knowledge, and skill statements aligned with the NIST Privacy Framework and NICE Framework to support the development and recruitment of a robust workforce capable of managing privacy risk. In this session, attendees heard from PWWG leadership about this collaborative effort, including key insights and challenges with workforce development, and how to get engaged to build this community resource.
The attendees learned:
- Basic information about the PWWG effort, including the initiative’s goals, progress to date, and how to join.
- Gain insights into how PWWG members are developing a privacy workforce taxonomy and the important lessons learned from the process so far.
- Hear from industry leaders about current and future challenges in developing a workforce capable of managing privacy risk.
Help Wanted: Growing a Workforce for Managing Privacy Risk, Roundtable Discussion
October 21, 2021 | 2:30 – 3:30 PM PT | In-person
Moderator:
Dylan Gilbert, Privacy Policy Advisor, NIST
A skilled and knowledgeable workforce is a critical pillar of an effective privacy program, but demand is outpacing supply. In May 2021, NIST launched the Privacy Workforce Public Working Group (PWWG) with hundreds of experts from around the world collaborating to create task, knowledge, and skill statements aligned with the NIST Privacy Framework and NICE Framework to support the development and recruitment of a workforce capable of managing privacy risk. NIST had a roundtable discussion for attendees to learn about this collective effort and provide input.
The attendees learned how to:
- Find out about the PWWG and how to engage.
- Learn about the PWWG’s work to date, including challenges and lessons learned.
- Provide input on growing a workforce for managing privacy risk.
Virtual Seattle KnowledgeNet
NIST Privacy Framework
September 10, 2021 | 3:00 – 3:55 PM ET | Virtual
Dylan Gilbert, Privacy Policy Advisor, NIST
Dylan Gilbert, NIST joined this chapter meeting to talk about the NIST Privacy Framework: its origins, benefits, future plans, and time for Q and A.
RSA Conference 2021
Building Trust and Resilience: Privacy Risk Management for SMBs
May 17-20, 2021 | Virtual
Dylan Gilbert, Nakia Grayson, and Naomi Lefkovitz
The need for privacy programs that can adapt to evolving privacy risks has never been more important. NIST led participants through a topical use case to learn how to build a resilient and trustworthy privacy program using the NIST Privacy Framework and new supplemental resources designed for small and medium businesses or any organization with limited privacy resources.
Privacy + Security Forum Spring Academy 2021
NIST Privacy Framework IRL: the Rubber Meets the Road
May 25, 2021 | 3:30 – 4:30 PM ET | Virtual
Dylan Gilbert
The NIST Privacy Framework is a voluntary tool designed to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy. Organizations have picked up and put it into practice since its January release. Now it’s time to check in with these early adopters and hear straight from the source how and why they’ve operationalized it. Attendees will hear about implementation use cases, challenges and successes, and adoption tips.
ISACA Greater Washington DC
IT Governance and Risk Management
May 26, 2021 | 10:35 – 11:30 AM ET | Virtual
Nakia Grayson
For more than two decades, the Internet and associated information technologies have driven unprecedented innovation, economic value, and improvement in social services. Many of these benefits are fueled by data about individuals that flow through a complex ecosystem. As a result, individuals may not be able to understand the potential consequences for their privacy as they interact with systems, products, and services. growth. Following a transparent, consensus-based process including both private and public stakeholders to produce this voluntary tool, the National Institute of Standards and Technology (NIST) published this Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (Privacy Framework), to enable better privacy engineering practices that support privacy by design concepts and help organizations protect individuals’ privacy.
Austin, Dallas and San Antonio KnowledgeNet
Implementing the NIST Privacy Framework Version 1.0
March 30, 2021 | 1:00 – 2:00 PM ET | Virtual
Dylan Gilbert
The NIST Privacy Framework just celebrated its first birthday. Dylan Gilbert, Privacy Policy Advisor with the NIST Privacy Engineering Program discussed the Privacy Framework, lessons learned, and best practices for implementing the framework in your organization, as well as new framework resources.
Los Angeles and Northern Virginia KnowledgeNet
NIST Privacy Framework and CMMI Integration
March 17, 2021 | 6:30 – 7:45 PM ET | Virtual
Naomi Lefkovitz
Naomi Lefkovitz, Senior Privacy Policy Advisor joined a panel discussion to discuss how NIST Privacy Framework can be enhanced through the adoption and integration of CMMI.
IAPP Global Privacy Summit Online 2021
How NIST Protects Privacy in an Ever-Changing Compliance Landscape
February 16, 2021 | Virtual (On-Demand Only)
Naomi Lefkovitz
To help with the growing discussion and focus on privacy by customers and businesses alike, the National Institute of Standards and Technology (NIST) January 2020 released the NIST Privacy Framework Version 1.0, a framework to help companies achieve their privacy goals, including managing new privacy regulations, while working seamlessly with the widely used NIST Cybersecurity Framework. The one-two privacy-security punch is designed to be complementary in order to assist organizations in managing the high-wire act of balancing privacy and security in the digital age. This approach allows companies to reevaluate continually and adjust to new risks to drive data privacy excellence and heightened security policies across the data privacy and security ecosystem. This discussion centers on vital areas related to implementation of the framework and what it means for businesses seeking to assess their own privacy posture or those of its training partners.
Data Privacy Day: A Look at the NIST Privacy Framework 1.0
Celebrate Data Privacy Day One Day Early to Help You Stay One Step Ahead
Hosted by Armanino
January 27, 2021 | 2:00 – 3:00 PM ET | Virtual
Dylan Gilbert
NIST will join Hyperproof experts to present how to utilize the NIST privacy framework and relevant privacy expertise for efficient implementation of your privacy program globally by using appropriate technology to facilitate and speed up this process.
CPDP2021
Granular or Holistic Approach? Enforcing Privacy Rights in Complex ICT Ecosystems
January 27, 2021 | Virtual
Naomi Lefkovitz
Privacy & Cybersecurity Policy Academy
Hosted by The Council of State Governments
December 7, 2020, 2:45 - 3:45 PM EST | Virtual
COVID-19 & Health Care Impacts
Nakia Grayson
This webinar consisted of a presentation by Nakia Grayson, IT Security Specialist on privacy integration in NCCoE's Securing Telehealth Remote Patient Monitoring Ecosystem work. Followed by the presentation was a panel with other presenters on this topic.
December 7, 2020, 4:15 - 5:00 PM EST | Virtual
The Transition to Telework and Beyond
Dylan Gilbert
This webinar consisted of a presentation by Dylan Gilbert, Privacy Policy Advisor on using the NIST Privacy Framework to manage and set up remote government operations and what they expect to see in the future for digital government. Followed by the presentation was a panel with other presenters on this topic.
Ethical Management of AI: A French-American Dialogue Virtual Symposium
Hosted by France Atlanta
November 10, 2020, 9:00 - 10:30 AM EST | Virtual
Naomi Lefkovitz
This webinar consisted of a panel, discussing practical approaches in privacy. Naomi Lefkvovitz, NIST Senior Privacy Policy Advisor provided a US perspective on this topic.
Applying the NIST Privacy Framework in Healthcare
Hosted by Paubox
November 5, 2020, 1:00 - 2:00 PM EST | Virtual
Dylan Gilbert
This webinar consisted of a panel, discussing how the Privacy Framework applies to healthcare, effectively manage privacy risk, why and how the Privacy Framework works.
Risk + Exposure: Part 1: The Growing Role of Data Protection in the Security Industry
Hosted by the Security Industry Association (SIA) Data Privacy Advisory Board
November 5, 2020, 3:15 - 3:55 PM EST | Virtual
Dylan Gilbert
The Security Industry Association (SIA) invited the National Institute of Standards and Technology (NIST) to join a panel of industry experts for a discussion on resources and best practices. Dylan Gilbert, Privacy Policy Advisor provided guidance on how to implement an effective and compliant data privacy program.
16th AMC Security & Privacy Virtual Conference
October 22, 2020 | Virtual
NIST Privacy Framework: A Healthcare Guide
Nakia Grayson
The NIST Privacy Framework is designed to help organizations:
- Identify, assess, manage, and communicate privacy risks
- Develop innovative approaches to protect individuals’ privacy
- Increase trust in products and services
- Have a tool that would assist with enterprise privacy risk management
Process-oriented privacy principles (such as the Fair Information Practice Principles (FIPPs)) are an important component of an overall privacy strategy, but on their own have not achieved consistent and measurable results in privacy protection. In the security field, risk management models, along with technical standards and best practices, are key components of improving security. The NIST Privacy Framework applies successful security methodology, with clearly stated objectives and measurable outcomes, to the protection of privacy.
The Federal 100 Winner Showcase: Cyber
October 1, 2020 | Virtual
Naomi Lefkovitz
Help Wanted: Growing a Workforce for Managing Privacy Risk
Hosted by the International Association of Privacy Professionals
Tuesday, September 22 - Thursday, September 24, 2020 | Virtual
On September 22-24, 2020, the International Association of Privacy Professionals (IAPP) hosted a virtual workshop on the development of a workforce capable of managing privacy risk. NIST joined the IAPP to lead working sessions where stakeholders shared feedback on the roles, tasks, knowledge, and skills that are necessary to achieve the Privacy Framework’s outcomes and activities. NIST will use this feedback to inform the development of a privacy workforce taxonomy.
Security Professionals Conference Online
#1 Strategy to Comply with Evolving Global Privacy Regulations (on demand session)
June 2-4, 2020 | Online
Speaker: Katie Boeckl
SIA GovSummit
The Evolving Landscape of Data Privacy Policy and Its Impact
June 1, 2020, 3:00-3:30 PM ET | Online
Speaker: Dylan Gilbert
RSA Conference 2020
February 24 – 28, 2020 | San Francisco, California
This NIST Privacy Framework team was in San Francisco during RSA Conference 2020. Here are the events and sessions.
NIST Privacy Framework Roadmap Roundtable
Thursday, February 27, 2020, 2:00 - 4:00 PM PT
San Francisco Marriott Marquis (Golden Gate C1 Room): 780 Mission St, San Francisco, CA 94103
What are the key trends in privacy engineering? NIST leadership and stakeholders discussed the Privacy Framework, the Framework roadmap, and their priorities for privacy. We asked stakeholders to bring their expertise to help determine next steps to address key privacy challenges, including guidance and standards, needed capabilities for emerging technologies, increasing global privacy interoperability, and more.
NIST Privacy Framework IRL: Use Cases from the Field
Wednesday, February 26, 2020, 8:00 - 8:50 AM PT
RSA Conference, Moscone West
Speakers:
- Naomi Lefkovitz, Senior Privacy Policy Advisor, NIST
- Timothy McIntyre, Associate General Counsel, Privacy and Product, Okta
- Nick Oldham, Chief Privacy and Data Governance Officer, Equifax
The NIST Privacy Framework is here! This voluntary tool for enterprise risk management helps organizations answer a fundamental question: how are we considering the privacy impacts to individuals as we develop systems, products and services? We discussed the framework through two early adopter implementation use cases, heard about the challenges and successes, and received adoption tips.
NIST Privacy Framework Implementation Roundtable
Tuesday, February 25, 2020, 1:00 - 2:30 PM PT
Venable: 101 California St, 38th Floor, San Francisco, CA 94111
Version 1.0 of the NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management is here! This roundtable was an interactive conversation with your peers about putting the Privacy Framework into practice. Heard from early adopters of the Privacy Framework about their hands-on experience with this voluntary tool and took this opportunity to discuss questions with NIST leadership. To learn more about the Framework, see the recording of the NIST Privacy Framework Webinar: Ready, Set, Adopt Version 1.0.
NIST Privacy Framework V1.0 Panel at IAPP: Privacy: Engineering and Standards
Monday, February 24, 2020, 10:00 AM - 11:00 AM PT
RSA Conference, Moscone West
Speakers:
- Naomi Lefkovitz, Senior Privacy Policy Advisor, NIST
- Ron Whitworth, Senior Vice President, Chief Privacy Officer, Truist
- Mike Shapiro, Chief Privacy Officer, County of Santa Clara
Attendees learned about NIST’s new Privacy Framework and how it’s working for early adopters.
Privacy Framework Launch Event
Hosted by CSIS
Wednesday, February 19, 2020, 2:00 - 3:30 PM | Washington, DC
The CSIS Technology Policy Program invites you to attend the public rollout of the NIST Privacy Framework on February 19. Developed in collaboration with a range of stakeholders, the Framework seeks to provide organizations with voluntary tools to manage privacy risks associated with their products and services. This event will feature a keynote address by NIST Director, Dr. Walter Copan, and a panel discussion on the evolution of the framework and next steps. The event will be webcast live from the CSIS event page.
The Intersection of the Privacy and Cybersecurity Workforce
Wednesday, February 19, 2020, 2:00 - 3:00 PM ET | Webinar
With the rise of a more digitally connected society, the intersection between privacy and cybersecurity grows closer. The NICE Cybersecurity Workforce Framework includes a few components covering privacy, including a work role for Privacy Officer/Privacy Compliance Manager, but what does the privacy workforce truly look like? What are the privacy principles that cybersecurity workers should know? This webinar will introduce the newly released Privacy Framework and describe the need for and mechanisms for building a workforce skilled in privacy.
NIST Privacy Framework Webinar: Ready, Set, Adopt Version 1.0
Hosted by NIST
Wednesday, January 29, 2020, 1:00 - 3:00 PM ET
This webinar discussed the recently-released NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (version 1.0). NIST leadership on the Framework effort provided an in-depth review of the Framework and how this voluntary tool can be used by organizations to identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy. Attendees also learned about adopting the Framework and resources to support implementation.
How to Align Your Data Security and Privacy Tactics Using NIST Frameworks
Hosted by FairWarning
Tuesday, January 28, 2020, 2:00 - 2:45 PM ET | Online
NIST Privacy Risk Strategist Katie Boeckl and FairWarning General Manager Mike Mason covered the new Privacy Framework, best practices for making your privacy and security programs work together, and more.
CPDP 2020 Data Protection and Artificial Intelligence
Wednesday, January 22, 2020 at 8:45 AM-10:00AM CET | Brussels, Belgium
Building Privacy Foundations Today for Tomorrow’s Tech - Naomi Lefkovitz
NIST Privacy Framework Event
Hosted by the Cybersecurity Coalition and Better Identity Coalition
Thursday, January 9, 2020 at 8:30 AM-11:00 AM ET | Washington, DC
The National Institute of Standards and Technology, in partnership with the Cybersecurity Coalition and the Better Identity Coalition, invited stakeholders to a workshop on the NIST Privacy Framework. The event hosted a panel of experts, moderated by Ari Schwartz, who discussed how the Privacy Framework can help organizations to manage privacy risks and navigate an evolving technological, policy, and compliance landscape.
Speakers:
- Kent Landfield, Chief Standards and Technology Policy Strategist, McAfee
- Naomi Lefkovitz, Senior Privacy Policy Advisor, NIST
- Nick Oldham, Chief Privacy and Data Governance Officer, Equifax
- Michelle Richardson, Director, Privacy and Data Project, Center for Democracy and Technology
- Ari Schwartz, Managing Director of Cybersecurity Services, Venable
IAPP Privacy. Security. Risk. 2019: NIST Privacy Framework: V1.0 is Coming!
Wednesday, September 25, 2019, 8:45 AM - 9:45 AM PT | Las Vegas, NV
Naomi Lefkovitz & Ellen Nadeau
The NIST Privacy Framework: An Enterprise Risk Management Tool is nearing V1.0 release, but NIST still wants your input! Feedback from public and private sector stakeholders has played a key role at each milestone throughout the development of the framework, and NIST continues to seek your input as they reach for the framework finish line. This session provided attendees with a closer look at the latest framework draft from NIST leadership on the effort, and shared feedback and insights that helped inform the development of Privacy Framework Version 1.0.
This presentation was part of IAPP Privacy. Security. Risk 2019 so conference registration was required to attend.
NIST Privacy Framework: V1.0 is Coming!
Wednesday, September 25, 2019, 4:00 PM - 5:00 PM ET | Tampa, FL
Katie Boeckl
The NIST Privacy Framework: An Enterprise Risk Management Tool is nearing V1.0 release, but NIST still wants your input! Feedback from public and private sector stakeholders has played a key role at each milestone throughout the development of the framework, and NIST continues to seek your input as they reach for the framework finish line. This session provided attendees with a closer look at the latest framework draft from NIST, and shared feedback and insights that helped inform the development of Privacy Framework Version 1.0.
NIST Privacy Framework Roundtable for State & Local Government
Monday, September 23, 2019, 9:00 AM - 10:00 AM PT | Las Vegas, NV
Naomi Lefkovitz & Ellen Nadeau
The National Institute of Standards and Technology (NIST) invited local and state government representatives for a roundtable discussion on the recently-released Preliminary Draft of the Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management! Naomi Lefkovitz (Senior Privacy Policy Advisor and Lead for the Privacy Framework) and Ellen Nadeau (Deputy Manager for the Privacy Framework) lead the discussion, co-located with IAPP Privacy. Security. Risk. 2019. NIST is developing this voluntary framework, in collaboration with private and public sector stakeholders, to help organizations: better identify, assess, manage, and communicate privacy risks; foster the development of innovative approaches to protecting individuals’ privacy; and increase trust in products and services. During the roundtable, attendees shared their input on the latest content in the evolving development of this tool, and learned about the process to date and how to become an early adopter. This roundtable was opened to the public.
NIST Privacy Framework Webinar: Ready, Set, Comment on the Preliminary Draft
Hosted by NIST
Tuesday, September 17, 2019, 2:00 PM - 3:30 PM ET
NIST leadership walked through the recently released Preliminary Draft of the Privacy Framework and shared how stakeholder feedback helped inform its development. Attendees had the opportunity to ask questions, and learn about the current request for comment and next steps.
Chief Privacy Officers Breakfast Roundtable
Tuesday, August 13, 2019, 9:00 AM - 10:00 AM PT | San Francisco, CA
Naomi Lefkovitz
IAPP, NIST and the California Lawyers Association invited stakeholders to join us for a peer-to-peer roundtable, allowing privacy decision-makers to discuss off-the-record the practical impact new and emerging laws, regs, and standards have on how to design and implement the privacy framework for organizations, including: the latest on CCPA amendments, draft AG rules, and the NIST Draft Privacy Framework. Naomi Lefkovitz, Senior Privacy Policy Advisor and Lead for the Privacy Framework discussed the Privacy Framework effort leading up to a preliminary draft.
August 2019 Privacy Lab - NIST Framework
Tuesday, August 13, 2019, 6:30 PM - 8:00 PM PT | San Francisco, CA
Naomi Lefkovitz & Ellen Nadeau
The Privacy Lab invited stakeholders to join the National Institute of Standards and Technology (NIST) for a discussion on the updated draft of their Privacy Framework seeking feedback prior to its planned October 2019 release. Naomi Lefkovitz, Senior Privacy Policy Advisor and Lead for the Privacy Framework and Ellen Nadeau, Deputy Manager for the Privacy Framework led the discussion. NIST is developing this voluntary framework, in collaboration with private and public sector stakeholders, to help organizations: better identify, assess, manage, and communicate privacy risks; foster the development of innovative approaches to protecting individuals' privacy; and increase trust in products and services.
Privacy Networking Roundtable
Thursday, August 15, 2019, 4:00 PM - 5:30 PM PT | Mountain View, CA
Naomi Lefkovitz
The IAPP and the California Lawyers Association invited stakeholders to join the National Institute of Standards and Technology (NIST) for a roundtable discussion on the Draft Privacy Framework. Naomi Lefkovitz, Senior Privacy Policy Advisor and Lead for the Privacy Framework led the discussion. NIST is developing this voluntary framework, in collaboration with private and public sector stakeholders, to help organizations: better identify, assess, manage, and communicate privacy risks; foster the development of innovative approaches to protecting individuals' privacy; and increase trust in products and services. There was a panel presentation, followed by a networking reception to allow privacy professionals in Silicon Valley to discuss off-the-record the practical impact new and emerging laws, regs, and standards have on how to design and implement the privacy framework for organizations, including how to incorporate CCPA implementation into the privacy framework, the latest CCPA amendments, and the draft AG rules.
NIST Privacy Framework Roundtable
Thursday, August 15, 2019, 10:00 AM - 11:00 AM PT | San Jose, CA
Naomi Lefkovitz & Ellen Nadeau
The Santa Clara County Privacy Office invited local government representatives to join the National Institute of Standards and Technology (NIST) for a roundtable discussion on the Privacy Framework! Naomi Lefkovitz (Senior Privacy Policy Advisor and Manager, Privacy Engineering Program) and Ellen Nadeau (Deputy Manager for the Privacy Framework) led the discussion. NIST is developing this voluntary framework, in collaboration with private and public sector stakeholders, to help organizations: better identify, assess, manage, and communicate privacy risks; foster the development of innovative approaches to protecting individuals’ privacy; and increase trust in products and services. Join this roundtable to share your input on the latest content in the evolving development of this tool, and to learn about the process to date and how to become an early adopter.
Roundtable Discussion on the NIST Privacy Framework
Thursday, August 15, 2019, 2:00 PM - 3:30 PM PT | San Francisco, CA
Naomi Lefkovitz & Ellen Nadeau
The Providence Group and Reed Smith LLP invited stakeholders to join the National Institute of Standards and Technology (NIST) for a roundtable discussion on the Privacy Framework. Naomi Lefkovitz, Senior Privacy Policy Advisor and Lead for the Privacy Framework, and Ellen Nadeau, Deputy Manager for the Privacy Framework led the discussion. NIST is developing this voluntary framework, in collaboration with private and public sector stakeholders, to help organizations: better identify, assess, manage, and communicate privacy risks; foster the development of innovative approaches to protecting individuals’ privacy; and increase trust in products and services.
Getting to V1.0 of the NIST Privacy Framework: Workshop #3
Hosted by Boise State University
Monday, July 8 - Tuesday, July 9, 2019 | Boise, Idaho
NIST hosted the third in a series of public workshops on the development of the Privacy Framework: An Enterprise Risk Management Tool on July 8th-July 9th in Boise, Idaho. We thank Boise State University for hosting this two-day event, where attendees had an opportunity to actively engage in facilitated discussions to advance the development of the framework. Participants were encouraged to review the supplemental materials provided for discussion at the workshop. This workshop was opened to the public.
NIST Privacy Framework 101 Webinar: Preparing for Workshop #3
Hosted by NIST
Thursday, June 27, 2019, 2:00 - 4:00 PM ET
This webinar provides a 101 session on the NIST Privacy Framework: An Enterprise Risk Management Tool in preparation for Getting to V1.0 of the NIST Privacy Framework: Workshop #3, in Boise, Idaho. NIST leadership on the framework effort speak about the ongoing development process, an in-depth review of the discussion draft, and progress to date. This webinar is a primer on the Privacy Framework, to help individuals arrive in Boise ready to engage with the newest materials.
2019 Health Law Institute
Hosted by Minnesota Continuing Legal Education (CLE)
Thursday, June 20, 2019
NIST-Facilitated Discussions on the NIST Privacy Framework (Ellen Nadeau)
In her June 20th plenary session, Ms. Nadeau briefed Institute attendees on NIST’s development of a voluntary privacy framework as an enterprise risk management tool. Then, in two breakout sessions that same day, Institute attendees had the additional opportunity to actively engage in facilitated discussions to advance the development of the framework. NIST will use the breakout sessions’ input to validate or adjust the discussion draft of the Privacy Framework, to support the next stage of development of the framework.
Webinar: NIST Privacy Framework Discussion Draft
Hosted by NIST
Tuesday, May 28, 2019, 1:00 - 2:30 PM ET
On this webinar, NIST leadership on the Privacy Framework development effort walked through the discussion draft of the framework and how stakeholder feedback helped inform its development. Attendees had the opportunity to ask questions and provide feedback to the speakers to help NIST move from a discussion draft to a preliminary draft of the framework.
IAPP Canada Privacy Symposium 2019
NIST Roundtable: Privacy Framework Discussion Draft (Ellen Nadeau)
Friday, May 24, 2019, 3:30 - 4:30 PM ET | Toronto, Canada
On the heels of the second NIST Privacy Framework workshop, Ms. Nadeau, Deputy Manager for the Privacy Framework discussed the framework discussion draft. In this session, NIST provided an overview of the document, and engaged participants in discussion to hear feedback on this latest milestone in the Privacy Framework’s development.
Drafting the NIST Privacy Framework: Workshop #2
Hosted by Georgia Tech Scheller College of Business
Monday, May 13-Tuesday, May 14, 2019 | Atlanta, Georgia
NIST hosted the second in a series of public workshops on the development of the Privacy Framework: An Enterprise Risk Management Tool on May 13th-14th in Atlanta, Georgia. In this two-day event, attendees had an opportunity to actively engage in facilitated discussions to advance the development of the framework. Prior to this workshop, NIST released a discussion draft. NIST used the breakout sessions at this workshop as input to validate or adjust the discussion draft to support the next stage of the process; releasing a draft framework.
Videos & Event Page Discussion Draft (PDF) Workshop Summary (PDF)
NIST Privacy Framework Roundtable
Wednesday, May 1, 2019, 3:30 - 5:30 PM ET | Washington, DC
NIST leadership discussed the latest on the NIST Privacy Framework effort. In this roundtable, NIST provided an overview of progress and engage participants in small group discussions to get feedback on the framework’s development. This event took place after the IAPP Privacy Engineering Section Forum – attendees had an opportunity to share their comments on building a valuable privacy risk management tool!
NIST Privacy Framework Roundtable
Hosted by Wilkinson Barker Knauer, LLP
Thursday, April 4, 2019, 10:00-11:30 AM ET | Washington, DC
Roundtable Discussion on the NIST Privacy Framework
Hosted by The Providence Group and Reed Smith LLP
Tuesday, March 26, 2019, 2:00 PM - 3:30 PM ET | Washington, DC
Information Security and Privacy Advisory Board Meeting
Wednesday, March 20, 2019 | Washington, DC
Brief on NIST Privacy Framework Program - Naomi Lefkovitz & Ellen Nadeau
Live Webinar: Outlining the NIST Privacy Framework
Hosted by NIST
Thursday, March 14, 2019, 1:30 PM - 3:00 PM ET | Online
NIST leadership on the Privacy Framework effort walked through the outline of the framework and how the Request for Information responses helped inform its development, as well as a discussion of next steps. Attendees had the opportunity to ask questions of the NIST speakers during the Q&A session.
RSA Conference 2019
NIST Privacy Framework Learning Session: Status Update & Next Steps
Monday, March 4, 2019, 5:00 PM - 6:00 PM PT | San Francisco, California
For a transcript of remarks delivered by Dr. Walter G. Copan, Under Secretary of Commerce for Standards and Technology and NIST Director, visit this page.
The NIST Privacy Framework: What It Is and What It Means for You
Wednesday, March 6, 2019, 1:30 PM - 2:20 PM PT | San Francisco, California
HIMSS Conference
February 11, 2019 | Orlando, FL
The NIST Privacy Framework: What It Is And What It Means For You - Kevin Stine & Ellen Nadeau
Live Webinar: Q&A on the NIST Privacy Framework
Hosted by NIST
November 29, 2018 | Online
This webinar provided attendees with more information about the Request for Information (RFI) regarding the NIST Privacy Framework: An Enterprise Risk Management Tool. Attendees learned from NIST leadership about the input NIST is soliciting via this RFI, including organizational considerations for privacy risk management, the structure of the Privacy Framework, and specific privacy practices to be included. Attendees also asked questions about the RFI during a Q&A session.
Federal Computer Security Managers’ Forum Meeting (FCSM)
Hosted by NIST
November 28, 2018 | Gaithersburg, Maryland
Naomi Lefkovitz
Note: Participation in the FCSM is limited to US federal, state, and local government, and higher education employees who participate in the management of their organization's information security program and have a .gov, .mil, or .edu email address. Designated support contractors may also join the FCSM using a .gov or .mil email address.
NIST Cybersecurity Risk Management Conference
Hosted by NIST
November 7, 2018 | Baltimore, Maryland
Naomi Lefkovitz
Information Security and Privacy Advisory Board Meeting
November 1, 2018 | Washington, DC
Brief on NIST Privacy Framework Program - Naomi Lefkovitz
Symantec Government Symposium
October 30, 2018 | Washington, DC
GDPR – The New Norm? - Naomi Lefkovitz
40th International Conference of Data Protection and Privacy Commissioners
October 23, 2018 | Brussels, Belgium
Using risk management to think about privacy and trust as critical brand assets - Naomi Lefkovitz
Kicking off the NIST Privacy Framework: Workshop #1
Hosted by NIST
Tuesday, October 16, 2018, 2:30 - 5:30 PM CT | Austin, Texas
NIST hosted the first in a series of public workshops on the development of the Privacy Framework: An Enterprise Risk Management Tool on October 16th in Austin, Texas. In this half-day event, attendees learned from NIST representatives what to expect from the Privacy Framework development process. They also heard from panels of experts how organizations are currently managing privacy risks, and where the challenges lie. The workshop provided an opportunity to begin the discussion of how the Privacy Framework can meet organizations’ needs to better protect individuals’ privacy.
Event Page Full Agenda (PDF) Supplemental Material Workshop Summary (PDF)
Developing the NIST Privacy Framework: How can a collaborative process help manage privacy risks?
Hosted by the Brookings Institution
Monday, September 24, 2018, 9:00 AM - 12:00 PM ET | Washington, DC
On September 24, 2018, the Center for Technology Innovation at Brookings hosted experts for a half-day forum on the development of the NIST Privacy Framework and privacy risk management. Through keynotes and panel discussions, experts shared their perspectives on the current and future state of privacy practices from both an implementation and policy perspective, as well as the potential domestic and international impact of this Privacy Framework. Attendees learned directly from NIST leadership about their plans for the framework development, heard industry responses, and explored the issues presented by a framework approach to privacy.
For videos from the event, visit the Brookings event page.
For a transcript of remarks delivered by Dr. Walter G. Copan, Under Secretary of Commerce for Standards and Technology and NIST Director, visit this page.