Cross-Border Data Transfers Flashcards Preview

CIPP/E > Cross-Border Data Transfers > Flashcards

Flashcards in Cross-Border Data Transfers Deck (7)
Loading flashcards...
1
Q

Options for cross-border data transfers as defined in the GDPR

A

(1) Adequacy decisions
(2) Appropriate safeguards
(3) Derogations

2
Q

Which body makes adequacy decisions?

A

European Commission

3
Q

Canada is deemed adequate under what provision?

A

Data protected by PIPEDA

4
Q

The USA is deemed adequate under what provision?

A

EU-US Privacy Shield

5
Q

Privacy Shield Requirements include:

A
  • Commit to the Privacy Shield Principles
  • Publicize that commitment
  • Publicly disclose the orgs privacy policy
  • Implement the Principles
  • Annually renew the certification
6
Q

Privacy Shield Principles include:

A
  • Notice
  • Choice
  • Accountability for onward transfers
  • Security
  • Data integrity and purpose limitation
  • Access
  • And recourse, enforcement, and liability
7
Q

Appropriate safeguards include:

A
  • Binding Corporate Rules (BCRs)
  • Standard contractual clauses
  • Approved codes of conduct or cert. mechanisms
  • Ad hoc contractual clauses
  • Reliance on international agreements