The National Institute of Standards and Technology (NIST) has issued a press release on its recently published report "Privacy Risk Management Framework for Federal Information Systems" (the Report). The Report is designed to promote a greater understanding of privacy impact and address them through risk management.
Key element of the methodology the Report suggests for assessing the privacy impact are:
- a common vocabulary concerning privacy risks;
- practical implementation of the principles;
- predictability, manageability and disassociability – the three privacy engineering objectives;
- the ability to identify and quantify privacy risks; and
- a methodology that allows agencies to provide measurable results, to allocate resources and to minimize the impact on the individuals.
To access the report, please click here.