Presentation is loading. Please wait.

Presentation is loading. Please wait.

NIST Privacy Framework

Published bySydney Shields Modified over 5 years ago

Similar presentations

Presentation on theme: "NIST Privacy Framework"— Presentation transcript:

1 NIST Privacy Framework 4.10.19

2 Privacy Risk Management
Information Security and Privacy Relationship There is a clear recognition that security of data plays an important role in the protection of privacy Individual privacy cannot be achieved solely by securing data Authorized processing: system operations that handle data (collection – disposal) to enable the system to achieve mission/business objectives

3 Request for Information RFI Analysis & Framework Outline
Process to Date Workshop #1 Austin, TX Oct 16, 2018 Request for Information Nov 14, 2018 – Jan 14, 2019 RFI Webinar Nov 29, 2018 RFI Analysis & Framework Outline Feb 27, 2019 Outline Webinar March 14, 2019 ONGOING ENGAGEMENT Feedback encouraged and promoted throughout the process

4 Upcoming Opportunities to Engage
Drafting the NIST Privacy Framework: Workshop #2 Monday, May 13 - Tuesday, May 14, 2019 Hosted by Georgia Tech Scheller College of Business Atlanta, Georgia

5 Compatible and Interoperable

6 Benefits of Framework Attributes

7 NIST Privacy Framework: Review of Outline and RFI Analysis

8 Privacy Risk Management
Privacy Risk Factors: Likelihood | Problematic Data Action | Impact Examples of problems: embarrassment, loss of autonomy, discrimination, economic loss

9 Alignment with the Cybersecurity Framework: Profiles

10 Alignment with the Cybersecurity Framework: Tiers
1. PARTIAL 2. RISK-INFORMED 3. REPEATABLE 4. ADAPTIVE Elements per tier: Risk Management Process Informal, ad hoc privacy risk management processes  processes that enable continuous adaptation to changing technologies and data processing activities and incorporate the use of advanced privacy-enhancing technologies Integrated Risk Management Program A limited awareness of privacy risk at the organizational level  all levels of the organization being able to make decisions with a clear understanding of the relationship between privacy risk organizational objectives Ecosystem Relationships Entity does not understand its role in the larger ecosystem with respect to other entities  the entity understands its role in the larger ecosystem and contributes to the community’s broader understanding and management of privacy risks Workforce A workforce that has little or no understanding of privacy risks  a workforce that includes specialized privacy skillsets throughout the organizational structure

11 Alignment with the Cybersecurity Framework: Core
CATEGORIES SUBCATEGORIES INFORMATIVE REFERENCES FUNCTIONS Identify Protect Control Inform Respond

12 Roadmap

13 Resources Website Mailing List Contact Us
Mailing List ramework Contact Us @NISTcyber #PrivacyFramework

Download ppt "NIST Privacy Framework"

Similar presentations

GEOSS Data Sharing Principles. GEOSS 10-Year Implementation Plan 5.4 Data Sharing The societal benefits of Earth observations cannot be achieved without.

GEOSS Data Sharing Principles. GEOSS 10-Year Implementation Plan 5.4 Data Sharing The societal benefits of Earth observations cannot be achieved without.
E.g. 4.3.2 Act as a positive role model for innovation 4.3.1. Question the status quo 2.3.4 Keep the focus of contribution on delivering and improving.

E.g Act as a positive role model for innovation Question the status quo Keep the focus of contribution on delivering and improving.
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
NIST Cryptographic Standards Process Review Tim Polk NIST November 7, 2013.

NIST Cryptographic Standards Process Review Tim Polk NIST November 7, 2013.
U.S. General Services Administration Presentation to: Software and Supply Chain Assurance Forum Improving Cybersecurity through Acquisition December 17,

U.S. General Services Administration Presentation to: Software and Supply Chain Assurance Forum Improving Cybersecurity through Acquisition December 17,
An e-Learning Strategy to promote technology enabled learning i n UCC Teaching & Learning workshop 30 October, 2012.

An e-Learning Strategy to promote technology enabled learning i n UCC Teaching & Learning workshop 30 October, 2012.
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order 13636 “Improving Critical Infrastructure Cybersecurity”

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”
Defining high-performance What is FM Diagnostics? A demonstration An application Benefits Today’s Agenda.

Defining high-performance What is FM Diagnostics? A demonstration An application Benefits Today’s Agenda.
Challenges Faced in Developing Audit Plans and Programs 21 st March, 2013.

Challenges Faced in Developing Audit Plans and Programs 21 st March, 2013.
National Standards for Safer Better Healthcare

National Standards for Safer Better Healthcare
The IUCN Programme 2013-2016 Nature+ Proposal, May 2011.

The IUCN Programme Nature+ Proposal, May 2011.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
Https://www.youtube.com/watch?v=Jkmw9oGIDhI.

Year Seven Self-Evaluation Workshop OR Getting from Here to There Northwest Commission on Colleges and Universities.

Year Seven Self-Evaluation Workshop OR Getting from Here to There Northwest Commission on Colleges and Universities.
TEMPLATE DESIGN © 2008 www.PosterPresentations.com How the Caring Sciences Align and Reinforce Our WCH Vision Leading with Care STAR Leadership Modules.

TEMPLATE DESIGN © How the Caring Sciences Align and Reinforce Our WCH Vision Leading with Care STAR Leadership Modules.
VisualConnect™ Waterfield© Strategic Planning Workshop Wednesday 4 th November 2009.

VisualConnect™ Waterfield© Strategic Planning Workshop Wednesday 4 th November 2009.
Using Risk Management to Improve Privacy in Information Systems 1.

Using Risk Management to Improve Privacy in Information Systems 1.
Ohio Housing Finance Agency – Strategic Priority Culture Initiative Ohio Housing Finance Agency Strategic Priority Culture Initiative.

Ohio Housing Finance Agency – Strategic Priority Culture Initiative Ohio Housing Finance Agency Strategic Priority Culture Initiative.
Quality Enhancement Plan It’s all about... Mission Statement …provides accessible quality educational opportunities, promotes economic growth, and enhances.

Quality Enhancement Plan It’s all about... Mission Statement …provides accessible quality educational opportunities, promotes economic growth, and enhances.
Www.londondeanery.ac.uk/ Educational implication of revalidation Appraisal and Revalidation Support March 2012.

Educational implication of revalidation Appraisal and Revalidation Support March 2012.

Similar presentations

Ads by Google