The U.S. National Institute of Standards and Technology (NIST) has released an updated version of its Privacy Framework in an effort to better align it with its Cybersecurity Guidelines.
According to a press release, version 1.1 of the NIST Privacy Framework includes changes to the original version’s content and structure. Specifically, the update includes:
- Changes to the Framework’s original content related to the Governing and Protection functions, as well as changes based on stakeholder feedback since the release of the original Framework five years ago
- A new section on AI and privacy risk management, and details on how the Framework applies to this rapidly emerging technology
- Posting of the Frameworks use guidelines to the internet as an interactive “frequently asked questions” (FAQs) page, to make it more accessible for users and easier to update as needed.
The initial public draft of the updated NIST Privacy Framework is available at https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.40.ipd.pdf.
Public comments on the updated draft can be filed with NIST until June 13 via the NIST Privacy Framework website at https://www.nist.gov/privacy-framework.
Comments can also be filed via email to privacyframework@nist.gov.
