The National Institute of Standards and Technology (NIST) has issued a press release on its recently published report "Privacy Risk Management Framework for Federal Information Systems" (the Report). The Report is designed to promote a greater understanding of privacy impact and address them through risk management.

Key element of the methodology the Report suggests for assessing the privacy impact are:

  • a common vocabulary concerning privacy risks;
  • practical implementation of the principles;
  • predictability, manageability and disassociability – the three privacy engineering objectives;
  • the ability to identify and quantify privacy risks; and
  • a methodology that allows agencies to provide measurable results, to allocate resources and to minimize the impact on the individuals.

To access the report, please click here.