My Comment on the NIST Privacy Framework

I am glad to see the National Institute of Standards and Technology developed a privacy 1.0 framework that aligns with the NIST cybersecurity framework. Security is top of mind for health care providers, and now we have to be vigilant about protecting patient privacy. I am encouraging health care organizations to follow NIST's cybersecurity framework, and they should also take steps to include the privacy portion. CIOs and CISOs have to influence the organization to change its security behaviors by placing a strong emphasis on information security and privacy training.

NIST's privacy framework will continue to evolve as the requirements and expectations change. The current HIPAA rule is overdue for an update -- hopefully with a guide that can help organizations develop a playbook. I believe the NIST framework should be the playbook of choice for CIO and CISOs.

A CISO at an academic medical center I spoke with said the center's department "is heavily involved in ensuring that we build security into all strategic initiatives at the onset. We need to make sure that we deliver security and privacy to our patients."




  • Grey Facebook Icon
  • Grey Twitter Icon
  • Grey Instagram Icon

ABOUT David Chou

David Chou serves as the SVP/CIO for a public academic health system.  Chou has held executive roles with the Cleveland Clinic, Children's Mercy Hospital, University Of Mississippi Medical Center, AHMC Healthcare, and Prime Healthcare.  

David is a dynamic keynote speaker and industry commentator working with clients to transform their business models using technology. He has spoken around the world at healthcare tech-related conference including keynotes for leading industry events and intimate executive settings. Chou is also one of the most mentioned CIOs in the media and well quoted in outlets such as the Wall Street Journal, Modern Healthcare, HIMSS Media, ZDNet,, Huffington Post, and Becker's Healthcare.  David is an active member of both ACHE and HIMSS while serving on the board for CHIME. 



 Subscribe now to receive the new updates.