Thu, Sep 17, 2020
The Court of Justice for the EU issued a ruling that invalidates the primary data transfer agreement between the EU and the U.S. The ruling will have immediate and complex implications for data sharing between the EU and U.S. as the Privacy Shield can no longer be used by organizations to transfer personal data across the Atlantic.
Alan Brill, Senior Managing Director, and Yvette Gabrielian, Senior Director, in the Cyber Risk practice of Kroll, a division of Duff & Phelps, articulate how companies that relied on the Privacy Shield can move forward and remain compliant with EU law in a Law360 article. They highlight that until a new U.S.- EU agreement is reached, organizations must also utilize the Standard Contractual Clauses (SCCs) to comply with the EU law or face sanctions. Alan and Yvette additionally share best practices as part of a series of eight practical questions to help professionals assess and shape their ongoing business processes to fit this latest ruling.
Subscribers of Law360 can access the full article here.
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Kroll's data privacy team provide DPO consultancy services to help you become and stay compliant with regulatory mandates.
Kroll’s Virtual CISO (vCISO) services help executives, security and technology teams safeguard information assets while supporting business operations with augmented cyber expertise to reduce business risk, signal commitment to data security and enhance overall security posture.
World-renowned cyber investigators and leading technology fuel Kroll’s managed security services, augmenting security operations centres and incident response capabilities.
Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.