Crossing the Atlantic: Tips and Traps for Data Privacy Framework Certification

To register for the upcoming live webinar, please Click Here

The EU-U.S. Data Privacy Framework (DPF) simplifies the process of transferring personal data from the EEA, UK and Switzerland to the U.S., particularly for a U.S. business without an establishment in the EEA, UK or Switzerland. But the certification process is not inexpensive or risk free. The two trans-Atlantic personal data transfer mechanisms that preceded DPF were declared invalid because of concerns with U.S. national security laws and the DPF already is facing legal challenges. Now, the stakes are high for the DPF program administrators to ensure that U.S. businesses live up to their commitments under DPF.

Key takeaways:

• Understanding key decisions and requirements for DPF certification

• How DPF requirements compare to current U.S. privacy laws

• Key considerations for operationalizing a DPF compliance program (such as privacy policy, privacy rights request and contracting requirements) and handling existing standard contractual clauses

• Whether and how DPF certification can fit in to a business also considering certification under the APEC Cross-Border Privacy Rules

 

To register for the upcoming live webinar, please Click Here