The NIST privacy framework refers to the term “core” to describe a set of privacy activities and outcomes. The core is composed of three nested levels: Function, Category, and Subcategory. So, for example, the concept that a data subject should have the right to access their personal information is found within NIST under the Core

On May 12, 2021, President Biden issued an executive order entitled Improving the Nation’s Cybersecurity (EO). The EO was released only days after the cyberattack impacting Colonial Pipeline, and several months following discovery of the penetration of various federal agencies as a result of the Solar Winds cyber breach by Russian hackers in 2019. The

In 2020, the National Institute of Standards and Technology, a part of the United States Department of Commerce, developed a privacy framework that was intended to help organizations identify and manage privacy risks. Like the ISO 29100 privacy framework that predated it, the NIST privacy framework is designed to provide common terminology to communicate privacy-related

The ISO 29100 privacy framework sets forth the following 11 core principles:

  1. Consent and choice
  2. Purpose legitimacy and specification
  3. Collection limitation
  4. Data minimization
  5. Use, retention, and disclosure limitation
  6. Accuracy and quality
  7. Openness, transparency, and notice
  8. Individual participation and access
  9. Accountability
  10. Information security
  11. Privacy compliance

The ISO 27701 privacy framework is not explicitly organized using the

While theoretically an organization could adopt ISO 27701 as a separate standalone framework to apply to the organization’s privacy program, the framework was conceptualized as an extension of the ISO data security standards – i.e., a company would ideally be certified in both data security and data privacy. As a result, it is organized based

Greenberg Traurig is a sponsor of the 19th Annual Rocky Mountain Intellectual Property & Technology Law Institute, taking place virtually June 3-4, 2021. The event will feature industry experts providing updates on IP fundamentals including patent law, PTAB, trademark/TTAB, copyright, licensing, trade secrets, data privacy and security, and internet litigation.

On Thursday, June 3, GT

On Thursday, May 20 at 8:00 a.m. PST (11:00 a.m. EST), Gretchen Ramos, global co-chair of Greenberg Traurig’s Data, Privacy & Cybersecurity Practice, will be a panelist at the Global Privacy Summit Online 2021 Expert Bar session, titled “CCPA, CPRA & CDPA: Implementation Tips & Tricks.” The session will provide practical considerations for passed