Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: certification

Posted in International/EU Privacy

Navigating from Safe Harbor to Privacy Shield: A Primer

In less than one week, on August 1, U.S. companies may begin to submit self-certifications to the EU-U.S. Privacy Shield framework at www.privacyshield.gov. Those companies that previously certified to the predecessor Safe Harbor framework are in a particularly good position to certify to the Privacy Shield, which built upon Safe Harbor’s core principles by adding meaningful substantive and procedural privacy protections for EU individuals.

A company seeking to transition from Safe Harbor to Privacy Shield will need to engage in three general steps: (1) update its external-facing privacy policy; (2) develop internal policies and procedures to comply with new Privacy Shield requirements; and (3) more closely manage its relationships with third parties that will receive or have access to Privacy Shield data, including ensuring contracts with those third parties meet new Privacy Shield requirements. We summarize these three steps, as well as additional procedural requirements that will affect the impact of Privacy Shield on U.S. businesses compared to Safe Harbor.

Posted in International/EU Privacy

Future-Proofing Privacy: International Data Transfers 2.0

Part 9 of Future-Proofing Privacy: Future-Proofing Privacy: International Data Transfers 2.0. The Data Protection Directive and the Regulation both impose restrictions on the transfer of personal data by EU based businesses (whether those businesses are data controllers or data processors) to destinations outside the EEA. These restrictions, however, have not been uniformly implemented by EU Member States. In some Member States additional requirements apply, such as prior notification to or approval by the local DPA, particularly where companies wish to rely on EU Model Clauses or BCRs. This approach is essentially set to continue
with some variations.