The IT Law Wiki


NIST, (DRAFT) Privacy Risk Management for Federal Information Systems (NISTIR 8062) (May 28, 2015) (full-text).


Expanding opportunities in cloud computing, big data, and cyber-physical systems are bringing dramatic changes to how we use information technology. While these technologies bring advancements to U.S. national and economic security and our quality of life, they also pose risks to individuals' privacy.

This publication introduces a privacy risk management framework for anticipating and addressing risks to individuals' privacy. In particular, it focuses on three privacy engineering objectives and a privacy risk model.