Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Privacy Framework
The NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management
Version 1.0 (January 2020)
Framework (PDF) Core (XLSX) Core (DOCX)
See what changed between the Preliminary Draft Core and the V1.0 Core.
The contents of this document do not have the force and effect of law and are not meant to bind the public in any way.
Framework Evolution and Next Steps
Stakeholder Engagement
Over the next year, NIST intends to engage with stakeholders in various ways, including industry conferences and other outreach activities such as webinars and workshops to promote use of the Framework, the sharing of best practices among stakeholders, and collaboration on addressing the challenges outlined in the Roadmap.
Future Updates
The Framework is intended to be a living document. NIST will continue to serve in the capacity of convener and coordinator to gather lessons learned and ensure that the Framework continues to evolve to meet the needs of stakeholders. NIST will receive and consider comments informally until such time as it announces a new public process for revising Version 1.0.