Whether or not your organization has to implement good privacy practices to meet obligations imposed by applicable laws and regulations (e.g., GDPR or CCPA) incorporating good privacy practices will help your organization advance its mission.
The National Institute of Standards and Technology (NIST), the same folks who brought us such hits as the Cybersecurity Framework and Risk Management Framework, hosted a webinar today on the current draft of the Privacy Framework. Version 1.0 of the framework is anticipated to be available later this year. The Privacy Framework is non-prescriptive and risk- & outcome-based. It takes some cues from the Cybersecurity Framework; for example; it is structured around a core, profiles, and tiers. The Core provides a set of activities to achieve specific privacy outcomes. It is comprised of Functions, Categories, and Subcategories.
You can view the current draft at https://www.nist.gov/sites/default/files/documents/2019/04/30/nist-privacy-framework-discussion-draft.pdf.
The slide deck from the webinar is attached. Thank you, Bill
Thank you for sharing.