NIST Privacy Framework

Map to the NIST Privacy Framework

The NIST Privacy Framework was created to help organizations improve their data privacy posture with proactive risk management, through a single unified framework that is scalable and adaptable to emerging challenges across data privacy and protection regulations.

The NIST Privacy Framework focuses on five core functions: Identify, Govern, Control, Communicate, and Protect.

Identify

Identify critical, sensitive, and business data to better manage risk. To comply with this function, establish an accurate data inventory and map your sensitive, personal, and regulated data across your entire data landscape.

Maintain an up to date (and accurate) understanding of what data is collected, stored, processed, and may be at risk.

Govern

Create an establish a governance structure to better prioritize and manage risk.

Align regulatory and compliance requirements, manage data policies for enforcement, and enact policy-driven retention management for all data, everywhere.

Control

Establish and implement the right activities and tools to control high risk data.

Manage, monitor, and track data that’s being processed, and identify overexposed and over-privileged data.

See BigID In Action

Communicate

Communicate what data is being processed and why, establish data transparency for data collection, and track data sharing.

Prioritize privacy and security risks, and put controls in place to manage data requests and breach notification.

Protect

Protect high risk data against cybersecurity events and potential privacy violations.

Manage data risk throughout the data lifecycle – classify sensitive data, remediate overexposed and over privileged data, and minimize the potential attack surface.