Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0



Kaitlin R. Boeckl, Naomi B. Lefkovitz


This publication describes the voluntary NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (Version 1.0). The Privacy Framework is a tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy. The Privacy Framework provides a flexible, risk- and outcome-based approach, intended to be widely usable by organizations of all sizes and agnostic to any particular technology, sector, law, or jurisdiction. The Privacy Framework follows the structure of the Framework for Improving Critical Infrastructure Cybersecurity to facilitate the use of both frameworks together. Complete information about the Privacy Framework is available at
OTHER - CSWP 01162020
Report Number
CSWP 01162020


privacy, privacy framework, risk management, privacy engineering
Created January 16, 2020, Updated May 14, 2020