NIST Proposes Adding Privacy to Security Doc
DATA PROTECTION—U.S.July 20, 2011
The National Institute of Standards and Technology (NIST) has proposed a privacy controls appendix for its "Security Controls for Federal Information Systems and Organizations" document, reports InfoSecurity. The appendix would provide a set of controls to "help enforce requirements of federal privacy legislation, policies, regulations, directives, standards and guidance." It would also link privacy and security controls and officials in order to achieve organizational objectives in these areas and develop assessment procedures for ongoing evaluations. "Privacy and security controls in federal information systems are complementary and mutually reinforcing in trying to achieve the privacy and security objectives of organizations," a NIST spokesman said.