EU-US Privacy Shield Update: Will It Survive?28th February 2019
Understandably, thousands of UK businesses who use US companies to process personal data have been worried about the recent report on the EU-US Privacy Shield.
Well, it’s good news for these UK businesses, because the report found that data protection standards of companies across the pond are in fact up to scratch. Better yet, the steps recently taken by U.S. authorities have improved the functioning of the framework.
What is the EU-US Privacy Shield?
For those that don’t know, the EU-US Privacy Shield is a legal framework which ensures that the protection of data (processed by US companies for EU businesses) is provided with adequate protection. That means protecting data in line with our GDPR requirements.
Will the good news continue?
The positive results from this report mean that UK businesses have been saved a lot of time and money, but warned that changes may have to be made in the next 12 months. Trouble could lie ahead.
Many UK businesses would have been in breach of GDPR had the EU Commission not deemed the EU-US Privacy Shield’s protection levels to be adequate. Businesses would have had to try to negotiate contracts with their US data processors which would have been very time consuming and costly. Plus, US companies may not have been willing or able to accept such variations.
There is one potential factor which could see this good news turn to bad news for UK companies. The EU Commission’s decision is conditional on the US government appointing a permanent Privacy Shield ombudsperson by February 28, something which has not yet happened.
What can you do to protect your business?
UK businesses should ensure they are fully aware of any third parties that are processing personal data on their behalf and where these third parties are based, particularly if this is outside the EEA.
You should also check that all protection put in place by third parties is adequate and fully protecting your company.
If you would like any assistance in ensuring your data protection is up to scratch, simply get in touch and we’ll be happy to advise you – 01673 885533.