The 411 about Privacy Shield
If you operate a business that has any dealings with people who reside within the European Union, you will know by now about the effect that the new General Data Protection Regulation (GDPR) has had on data. One way businesses have found to comply with the GDPR easily is through compliance with, and certification from, the Privacy Shield Framework.
What is Privacy Shield?
Privacy Shield is a joint framework developed by the US Department of Commerce in conjunction with the European Commission. It provides companies with a policy guide they can follow to ensure compliance with all EU data protection regulations whenever personal data is transferred from the European Union to the United States for transatlantic commerce.
The framework created a set of guidelines for protecting EU residents’ personal data. It transparently shows how companies that participate in Privacy Shield share personal data, and it has oversight from the US side in cooperation with the EU data protection authority. The framework gives EU individuals access to multiple methods for addressing concerns about any participant’s compliance with the data protection regulations, including a free dispute resolution service.
Privacy Shield also ensures continued protection that is consistent with all regulations relating to the transfer of personal data to third parties. It also offers a clear way for EU residents to look into their rights and exercise them. The European Commission determined this framework to be acceptable for enabling data transfers in line with EU law.
How Do US Companies Join Privacy Shield?
To sign up for the Privacy Shield framework, a US-based company must complete a self-certification and send it to the Department of Commerce, stating that it publicly commits to complying with all of the framework’s requirements. Joining is voluntary, as there is no legal requirement to do so, but once a company joins Privacy Shield it is committed to complying with all of the framework’s requirements, and this compliance can be enforced by law in the US.
How Businesses Show Privacy Shield Compliance