NIST announces plans to develop privacy framework
The National Institute of Standards and Technology (NIST) is creating a voluntary privacy framework that will help organizations find better ways to protect individuals’ private information in an age of new technology.
The agency announced the collaborative initiative on Tuesday, Sept. 4, saying while newer technologies and artificial intelligence (AI) enhance multiple industries, they also require a support system that ensures detailed data about individuals remain protected.
“The envisioned privacy framework will provide an enterprise-level approach that helps organizations prioritize strategies for flexible and effective privacy protection solutions so that individuals can enjoy the benefits of innovative technologies with greater confidence and trust,” a press release stated.
NIST also said while good cybersecurity practices are essential to managing privacy risk, additional tools are needed to “better address the full scope of privacy risk.”
The announcement could have a profound impact on the healthcare industry. According to the HIPAA Journal, between 2009 and 2017 there were more than 2,100 healthcare data breaches involving more than 500 records. Those breaches resulted in the theft and exposure of more than 176 million healthcare records—equal to 54.25 percent of the United States population.
“Consumers’ privacy expectations are evolving at the same time that there are multiplying visions inside and outside the U.S. about how to address privacy challenges,” NIST senior privacy policy advisor Naomi Lefkovitz said in a statement. “NIST’s goal is to develop a framework that will bridge the gaps between privacy professionals and senior executives so that organizations can respond effectively to these challenges without stifling innovation.”