NIST 800-53 Privacy Controls Assessment

Assess and strengthen your privacy program.

Overview

NIST SP 800-53 Privacy Controls provide a structured set of controls for protecting privacy and serves as a roadmap for organizations to use in identifying and implementing privacy controls concerning the entire life cycle of personally identifiable information, whether in paper or electronic form. Although the NIST SP 800-53 was primarily created for use by federal agencies and some contractors to those agencies, it is regularly used by private industry as best practices and can be effectively used to create a privacy program from the ground up, to assess and strengthen an existing privacy program, or as a guide to implement program changes.

Key Benefits

patient privacy

Optimize Privacy Controls

The NIST Privacy Controls Assessment is an administrative evaluation of your organization’s privacy-related policies, procedures, management processes, physical characteristics, and workforce privacy awareness.

04

Identify Gaps

Ideally, a NIST Privacy Controls Assessment confirms that your organization is doing everything right; if not, our assessment methodology is designed to identify gaps in policies, procedures, practices, or processes and provide recommendations so you can remediate the gaps.

Having a partner that is actively monitoring our systems, trends, local and global threats not only saves the Virtua IT Security team time, but provides us with the ability to proactively look at potential threats to plan accordingly. The partnership with CynergisTek has allowed us to focus on compliance, developing risk programs, policy and procedures leading to a culture focused on making us more secure.

Tom Gordon

CIO, Virtua

Security has become a necessary and critical strategic pillar for our organization, and it is too broad and complex for a provider organization to keep up with on their own. Having a partner like CynergisTek with depth and breadth of knowledge and expertise is a crucial asset for our organization. I can’t imagine navigating these issues without them.

John Mangona

Vice President, Chief Information & Compliance Officer, Saratoga Hospital

CynergisTek’s social engineering and phishing service was an excellent training tool for our organization. A third-party assessment of how our policies and procedures would stack up against a real threat was eye-opening and provided us with valuable information we can leverage to continue to enhance our security posture.

Joe Egan
Director of Information Security, Valley Children’s Hospital

Features

Assess Compliance

The NIST Privacy Controls Assessment addresses voluntary or required compliance efforts with the NIST SP 800-53 framework, documents deficiencies, and provides a list of recommended actions to improve the organization’s voluntary compliance.

Privacy Best Practices and Reduce Risk

Verify that your organization has implemented fair information practice principles (FIPPs) as best practices. Or build your privacy program from the ground up with FIPPs found in the NIST SP 800-53.

For those organizations that have a regulatory obligation to comply with NIST SP 800-53, you may reduce enforcement risks by verifying that you’re in compliance with requirements.

Outcome

The goal of the NIST Privacy Controls Assessment is to verify that your organization has implemented FIPPs and provide recommendations, guidance, and best practices to remediate gaps. Additionally, you’ll gain insight into how your organization is handling personally identifiable information.

Related Resources

Get Started with CynergisTek Today

Be Ready. Be Resilient. Validate

Subscribe to our newsletter