摘要
数字经济快速发展不断加速数据的流动和共享,个人信息泄露等隐私问题日益突出。为指导组织通过风险管理提高隐私保护能力,NIST发布了隐私框架,为利益相关方之间沟通隐私风险提供了一种通用规则。从隐私框架概况、隐私风险管理、实践应用、网络安全框架比对,以及与相关法律及标准的关联性等方面对隐私框架进行了综合分析。
The rapid development of the digital economy continues to accelerate the flow and sharing of data,brings privacy issues such as personal information leakage at the same time.To guide organizations to improve their privacy protection capabilities through risk management,NIST has published the Privacy Framework,which provides a common rule for stakeholders to communicate privacy risks.In this paper,we provide a comprehensive analysis of the Privacy Framework from aspects of the overview,risk management,practices,comparison with Cybersecurity Framework,the relevance to relevant laws and standards.
出处
《信息技术与标准化》
2021年第7期27-32,共6页
Information Technology & Standardization
基金
工业和信息化部2018年工业互联网创新发展工程(网络和安全方向)之“工业互联网数据安全防护及评估技术研究与能力建设项目”。
