Soon companies that self-certified with the Department of Commerce (DOC) last fall before the September 30, 2016 deadline will have the 9 month “grace period” come to a close. The grace period was given to these companies so that they could ensure that all of their third party vendors met the Accountability for Onward Transfer principle. The grace period ends soon, meaning that the deadline is fast approaching. The Privacy Shield Accountability for Onward Transfer principle, Section II, 3.b., states: To transfer personal data to a third party acting as an agent, organizations must: (i) transfer such data only for limited and specified … Continue reading Privacy Shield Grace Period is Ending, Are you Ready?
Last week TRUSTe held a webinar “Privacy Shield Self-Certification – What’s Next?” as part of its Privacy Insight Series. If you missed the webinar you can still sign up to receive the on-demand recording and the slides. Our speakers, David Fowler, Chief Privacy & Digital Compliance Officer, Act-On Software; Amanda Gratchner, Global Privacy Counsel, NAVEX Global; and K Royal, Senior Privacy Consultant at TRUSTe discussed several different ways to enhance everything from your policies to your Privacy Impact Assessments by leveraging your Privacy Shield Certification. They also discussed how to use the Certification toward compliance with other frameworks, such as the … Continue reading 3 Ways to Leverage Your Privacy Shield Certification
Last month the United States Department of Commerce and Switzerland’s Federal Council declared that the new Swiss-US Privacy Shield Framework will be the successor to the Swiss-US Safe Harbor framework. The Swiss-US Safe Harbor framework was declared invalid in October 2015 following the European Union Court of Justice’s decision that the EU-US Safe Harbor was an inadequate legal mechanism for personal data transfers to the US. Since then, officials have drafted the new framework to ensure that the Swiss-US Privacy Shield Framework improves upon the U.S.- Swiss Safe Harbor framework by including stricter data protection principles. These include enhanced requirements … Continue reading Swiss-US Privacy Shield Replaces U.S.-Swiss Safe Harbor
We would like to thank all of our blog subscribers and visitors for a great 2016. This year has had many monumental privacy events, from the EU General Data Protection Regulation (GDPR) being adopted to EU-US Privacy Shield being finalized. TRUSTe was there as your trusted privacy advisor throughout the changes, and here are the top three blog posts of the year: 1. EU GDPR Series: Tips on Privacy Compliance This series gives the background on the EU GDPR, the path to compliance, and practical implementation steps for each phase of your program. Each individual post contains best practices, tips, and … Continue reading Top Topics of 2016
K Royal, CIPP/US, CIPP/E, Sr. Privacy Consultant Companies need a privacy partner, not just a privacy consultant. This is a concept that I have learned with our clients while being a part of the consulting team at TRUSTe. Having been a privacy officer (both as an attorney and a non-attorney) in several industries – healthcare, medical devices, emerging technology and with clients ranging from local government to national, from financial to education in the global realm and specifically within the US sectors – I cannot say that I have seen it all, but I have seen a whole lot of … Continue reading Why Companies Need a Privacy Partner
The International Trade Administration (ITA) announced that the 500th company was posted to the EU-US Privacy Shield Framework list on Tuesday, October 18th. It’s a tremendous accomplishment, and there are still more to come. More than 1,500 companies have submitted self-certifications, providing strong endorsement of the new framework. The ITA press release stated: WASHINGTON – The EU-U.S. Privacy Shield Framework today achieved a milestone with the posting of the 500th company to the Framework list since it began accepting certifications on August 1, 2016. The U.S. Department of Commerce’s International Trade Administration manages the newly created Privacy Shield program, and conducts a … Continue reading 500th Company Posted to Privacy Shield Framework