Recent Blog Posts

Important Privacy Shield Requirements for Pharma & Medical Companies

March 28, 2017

The EU-US Privacy Shield framework is an approved transfer mechanism for personal data from the EU to the United States, meaning that once self-certified, companies have “adequate” protections in place when transferring personal data. Businesses involved in clinical, medical and other forms of scientific research may not be aware that there are specific requirements under Privacy Shield that apply to those fields. The requirements may create the need for additional privacy policy controls, so companies in those fields should check to ensure that all requirements are being met. These requirements are addressed in the supplemental principles of Privacy Shield and … Continue reading Important Privacy Shield Requirements for Pharma & Medical Companies

Early Bird Pricing for Privacy Risk Summit Ends this Friday!

March 27, 2017

One of the best ways to mitigate risk is to know what technological and regulatory change will bring ahead of time. This risk-based approach aligns with the GDPR approach to privacy management. The 2017 Privacy Risk Summit is set to carry on TRUSTe’s reputation for high quality education programs that help privacy professionals plan for future changes. Past events have brought together EU regulatory experts and Silicon Valley business leaders to discuss the impact of the EU GDPR and how organizations could navigate the global privacy requirements. Whenever there are sweeping changes, such as when IoT took off, TRUSTe is … Continue reading Early Bird Pricing for Privacy Risk Summit Ends this Friday!

Privacy Protections for Broadband ISP Consumers Uncertain

March 24, 2017

Last fall Chairman Wheeler put together a proposal that would help provide universal privacy protection principles to individuals’ personal information collected by broadband Internet Service Providers (ISPs), namely: choice, transparency, and security. Approved by the U.S. Federal Communications Commission, the rules  would implement the privacy requirements of Section 222 of the Communications Act for broadband ISPs. The rules separate the use and sharing of information into three categories and include clear guidance for both ISPs and customers about the transparency, choice and security requirements for customers’ personal information: Opt-in:  ISPs are required to obtain affirmative “opt-in” consent from consumers to … Continue reading Privacy Protections for Broadband ISP Consumers Uncertain

Privacy Shield Grace Period is Ending, Are you Ready?

March 20, 2017

Soon companies that self-certified with the Department of Commerce (DOC) last fall before the September 30, 2016 deadline will have the 9 month “grace period” come to a close. The grace period was given to these companies so that they could ensure that all of their third party vendors met the Accountability for Onward Transfer principle. The grace period ends soon, meaning that the deadline is fast approaching. The Privacy Shield  Accountability for Onward Transfer principle, Section II, 3.b., states: To transfer personal data to a third party acting as an agent, organizations must: (i) transfer such data only for limited and specified … Continue reading Privacy Shield Grace Period is Ending, Are you Ready?

5 Benefits of APEC CBPR Certification You Should Know About

March 13, 2017

1) Jurisdiction-Specific Transfer Benefits: In Japan, companies that have a CBPR certification do not have to obtain consent to transfer data to another country, which is otherwise required under Japanese law. 2) Facilitation of APEC-European Interoperability: An APEC CBPR certification may make it easier for an organization to obtain approval of their Binding Corporate Rules in the European Union. Since 2013, APEC member Economies and EU officials have been collaborating to promote interoperability between the two regional transfer mechanisms. 3) Alignment with Global Frameworks: An APEC CBPR certification is based on many of the same principles that inform the OECD … Continue reading 5 Benefits of APEC CBPR Certification You Should Know About

March Event Spotlight: RampUp, IAPP Europe Data Protection & Privacy Program Management Webinar

March 06, 2017

RampUp 2017 March 7 San Francisco, CA The annual RampUp summit is a hub of excitement and idea-sharing that gathers major players in digital marketing together in one place. The goal? To discuss the challenges and solutions facing the industry today. Network with your peers and industry leaders while you soak up what’s important to know for the future of MarTech. Don’t miss TRUSTe SVP of Marketing Dave Deasy speak on the “Consumer Engagement in an Age of Skepticism” panel at 3:35pm alongside Lou Mastria, DAA; Shannon Orr, Gap Inc.; Michael A. Signorelli, Venable LLP and Julie Bernard, Verve. > … Continue reading March Event Spotlight: RampUp, IAPP Europe Data Protection & Privacy Program Management Webinar