The National Institute of Standards and Technology (NIST) recently released a privacy framework to address privacy issues and goals. The framework is neither a law nor a regulation, but, rather, is a tool to help organizations manage privacy risks by encouraging awareness as an ongoing process. Under the framework, companies should address privacy issues as they develop to help mitigate risks. However, the framework will not specifically help companies with compliance.
Fenwick & West privacy and cybersecurity practice co-chair and partner Jim Koenig noted: “I don’t think the NIST framework will be used as a universal, all-purpose framework. What it will do is create a framework for privacy and audit programs to know that many of the key practices and requirements are included in a company’s privacy program, training and occasional testing.”
Click here for the full text of the framework.
As a reminder, privacy laws and their impact on background screening was Number 3 in Hire Image’s Top 10 Background Predictions of 2020. Please contact us if you have any privacy or compliance concerns.