Introduction to the National Institute of Standards and Technology (NIST) Privacy Framework v10
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
3 hours 39 minutes
Welcome to module 2.9
Introduction to National Institute of Standards and Technology, otherwise known as Nist
Privacy Framework. Version 1.0
in this module will cover what missed privacy framework. Version 1.2 covers also understanding of the specifics of the nest privacy framework. Version one point
So what is the framework cover
building consumer trust by supporting decision making in product and service design or deployment? And optimizes benefit beneficial uses of data while minimizing adverse consequences for individuals privacy and society as a whole
is a big part of the privacy framework.
I highlighted the word trust because trust and transparency as it relates to this framework
is a keystone to it
furthermore, fulfilling current compliance obligations as well as future proofing products and services to meet these obligations and changing technological and policy environment
and facilitating communication about privacy practices with individuals. Business partners, assessors and regulated regulators is a must.
So I've highlighted future proofing products and services and communication about privacy practices.
Future proofing and communication are big elements of the newness privacy framework.
What is in this privacy framework include?
Well, it includes an introduction to their framework.
The frameworks basics and how to use the framework.
The specifics of the privacy framework include
Core profiles and implementation tears
core an increasingly granular set of activities and outcomes that enable an organizational dialogue about managing privacy risk
profiles. Its selection of functions, categories and subcategories
from the core that an organization has prioritized to help manage privacy risks,
implementation tears. Communication about whether an organization has sufficient processes
and resources in place to manage privacy risks
and achieve its target profile.
Let's take a look at some of the figures
in the framework
on the upper left hand corner
Figure 1.2.1 or in section 1.2.1, cybersecurity and privacy risk management
here, simply put in this fun diagram, cybersecurity and privacy risks overlap to where both groups have responsibility as it relates to cyber security related privacy events.
If a cybersecurity privacy event occurs, both teams should be involved with addressing the event.
Note that cybersecurity events that are not privacy events would be something that only the cybersecurity group handles.
non cyber security related events that include privacy elements would be an area that potentially cybersecurity would not be involved in.
Upper right hand corner
is another diagram that shows
no no no no shell
collaboration and communication flows within an organization.
Senior executive level, business process manager level
and implementation operations level.
For those of you who have studied management, you can see that on the left side would be strategic in the middle, tactical and on the right
most likely operational,
there is collaboration that's required, that goes up and down and communications that goes up and down as well.
Lower left hand corner and figure eight.
The data processing ecosystem relationships.
Shows all the stakeholders who should be involved within your privacy program.
In the lower center,
a simplified method for establishing or improving a privacy program
is using the ready set go
Use and identify
P and govern P functions to get ready, set an action plan based on differences between current and target profiles
and last go forward with implementing the action plan,
the lower right hand corner. You see figure four. The privacy framework core structure. You can see your functions on the left hand side which is identified, govern control, communicate, protect. Broken down into categories and then further broken down into sub categories.
When did the next privacy framework version? One point get announced,
number 1, 2016. Number 2 2018 or number 3 2020?
The answer is 3 2020.
Specifically in january.
What do we cover in this module? Well, we discussed what this privacy framework version 1.0 is and we review this privacy framework version 1.0, implementation specifics and noteworthy figures.