Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Privacy Framework 1.1
The time has arrived to update the NIST Privacy Framework to Version 1.1!
The NIST Privacy Framework was modeled after the NIST Cybersecurity Framework (CSF) so that the two frameworks could be used together. We are implementing a modest update to Privacy Framework 1.1 to support realignment with the CSF 2.0 update and respond to our stakeholders’ current privacy risk management needs.
| New Year, New Initiatives for the Privacy Framework! | January 25, 2024 |
| Privacy Framework 1.1 Concept Paper | June 18, 2024 |
| Ready, Set, Update! Privacy Framework 1.1 + Data Governance and Management Profile Workshop | Workshop Summary Report | June 25 and 26, 2024 |
| April 14, 2025 Public Comments due June 13, 2025 |
Privacy Framework 1.1 Initial Public Draft (IPD)
The NIST Privacy Framework is a “living” tool meant to evolve to meet stakeholder needs, and the time has come to update to Version 1.1. This update builds on the success of Privacy Framework 1.0 by responding to current privacy risk management needs, realigning with NIST Cybersecurity Framework (CSF) 2.0, and enhancing usability.
The following resources are included with the Privacy Framework 1.1 IPD release:
- Privacy Framework 1.1 IPD Highlights video that summarizes the development process and reviews key updates
- Mapping of Privacy Framework 1.0 Core to Privacy Framework 1.1 Core to help organizations trace changes to Core Categories and Subcategories between Framework versions
NIST welcomes stakeholder feedback on the Privacy Framework 1.1 IPD by June 13, 2025. Please use the comment template and submit comments to privacyframework [at] nist.gov.
Privacy Framework 1.1 IPD (PDF) Mapping of PF 1.0 to PF 1.1 Core (.xlsx)Comment Template (.xlsx)
Ways to Engage
- Visit our website. Visit the Privacy Framework website and this page for updates, upcoming events, resources, and other opportunities to weigh in.
- Email updates. To receive updates on the Privacy Framework, sign up for email alerts via the Mailing List page.*
- Social Media. If you prefer to get updates via social media, be sure to follow NIST Cyber on LinkedIn and Facebook.
- Contact us. You can always contact us at privacyframework [at] nist.gov (privacyframework[at]nist[dot]gov).
*Mailing List: If you are having trouble joining the mailing list, e-mail PrivacyFramework+subscribe [at] list.nist.gov (PrivacyFramework+subscribe[at]list[dot]nist[dot]gov). If you don't have a Google account, please review and follow these instructions.