The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced recently that it has launched a collaborative project to develop a voluntary privacy framework to help organizations manage risk. According to NIST Director Walter G. Copan, “The development of a privacy framework through an open process of stakeholder engagement is intended to deliver practical tools that allow continued U.S. innovation, together with stronger privacy protections.”

With a wide variety of privacy laws both nationally (many states have specific privacy laws, and all 50 states have breach notification laws) and internationally, an effective solution will need to be comprehensive enough to meet as many diverse privacy requirements as possible without being so onerous that it limits innovation and product development. It will also need to be flexible enough to respond over time to individuals’ changing expectations, and the continued expansion of the Internet of Things (IoT.)

NIST will be kicking off their first workshop for this conference on October 16th at the IAPP Privacy. Security. Risk. 2018 Conference in Austin, Texas, and will be posting a recording of this event on their Privacy Framework website, so stay tuned …