New Privacy Framework To Protect the Privacy of Workers and Customers

The National Institute of Standards and Technology (NIST) developed a Cybersecurity Framework in 2014 to assist private firms with evaluations of their security guidelines and to help them recognize, avoid, and respond to cyberattacks. Statistics from Gartner indicate that 30% of organizations have used the Cybersecurity Framework and all U.S. government agencies are required to use the Framework.

Currently NIST is making preparations for a new Framework. Rather than helping companies improve security, the new Framework will tackle data privacy and help companies protect the privacy of their workers and customers. The NIST Privacy Framework will be made available to enterprises but adoption is not mandatory.

The tool will help them identify and implement flexible privacy protection solutions and assess their current privacy protections. The objective of the Framework is to help companies utilize innovative technologies such as IoT and AI without accidentally violating the privacy of their employees and customers. If companies adopt this Privacy Framework, it will help them successfully control privacy risks.

Applying the Cybersecurity Framework and adhering to good cybersecurity best practices helps companies lessen the risk of security breaches. However, even if the Cybersecurity Framework is applied, privacy risks can still be introduced when companies collect, retain, use, and disclose data to fulfill their mission or business goals.

To produce the new Framework, NIST will be collaborating with the different markets, academic institutions, standard-setting agencies, federal institutions, regional, state, tribal, and foreign governments, and privately owned firms, gathering their feedback and advice on how best to protect privacy.

The first stage is to obtain feedback on the proposed Framework at a public workshop in Austin, Texas on October 16, at the same time as the annual conference of the International Association of Privacy Professionals.


Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: