Making privacy an easier conversation

The National Institute of Standards and Technology’s Privacy Framework, a companion to the more mature Cybersecurity Framework, helps organizations move beyond a check-the-box compliance exercise and engineer privacy into their systems in an approach that parallels more familiar enterprise IT security programs.

Already having achieved an estimated 25% penetration only nine months into the program, the Privacy Framework makes it easy to visualize the relationship between what an individual experiences directly from a privacy breach and the impact on the organization responsible, helping enterprises build customer trust and meet their compliance obligations.

One of the surprising benefits, though, has been the way the Privacy Framework encourages communication, NIST Senior Privacy Policy Adviser Naomi Lefkovitz, the Privacy Framework’s point person, said during a recent event showcasing 2020 Federal 100 Award winners.  This is because the framework gives stakeholders a common way to talk about risk, she explained.

From a simple red-yellow-green heatmap creating an ah-ha moment for senior management to a detailed gap analysis, organizations are using NIST’s Privacy Framework to “support their ability to conduct ethical decision making, to find ways to optimize beneficial uses of data while minimizing adverse consequences for individuals privacy,” she said.

Read about all the 2020 Federal 100 winners here.

Editor's note: This piece as changed Oct. 27 to correct Naomi Lefkovitz's name.

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected