The European Court of Justice decision that invalidated the EU-US Privacy Shield, complicates EU-US data transfers. International Data Transfers from the European Economic Area (EEA) today require:
(i) design and implementation of agile, principle-based organizational and technical measures,
(ii) a solid risk assessment framework that is operationalized,
(iii) someone responsible to track and quickly communicate current events, and
(iv) a great Plan B
This applies to businesses of all sizes and in all industries that conduct business in the EEA, as well as the rest of the world. Successfully operationalizing safeguards to address legal issues associated with international data transfers can be accomplished. In the latest Data Protection Academy webinar we discussed how US-based organizations should respond and our recommendations in the form of a simplified “how to” guide.