The National Institute of Standards and Technology released its draft of "Privacy Framework" that provides information on how agencies and partners could identify and manage privacy risks more efficiently amid the growing use of the internet and new information technology platforms.
“The Privacy Framework provides a common language for understanding, managing and communicating privacy risk with internal and external stakeholders,” NIST said in the document issued Tuesday. “Different types of entities—including sector-specific organizations—can use the Privacy Framework for different purposes, including the creation of common profiles.”
Agencies and organizations using or providing data processing systems, products or services in any sector can use the framework to identify and prioritize actions to address threats and align policy, business and technological approaches.
The NIST Privacy Framework provides guidelines to understand how the online and IT platforms and services affect users and how to integrate privacy practices into organizational processes to protect data and prevent damage. NIST said stakeholders can submit comments on the Privacy Framework to improve guidelines.