Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CIPP/E Preparation > Module 7 - International Data Transfer > Flashcards

Module 7 - International Data Transfer Flashcards

1
Q

What are the three means of legitimising an ex-EEA/international data transfer?

A
  • Adequacy decision.
  • Appropriate safeguards.
  • Derogations.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the adequacy mechanism under article 45, GDPR?

A
  • Determination of adequate level of protection in country, territory or industry sector.
  • European Commission issues adequacy determinations through implementing acts.
  • Adequacy decisions are automatically reviewed every four years, and may also be amended, repealed or suspended.
  • No additional authorisation for transfer is required, if there is an adequacy decision.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What six forms of applicable safeguards exist?

A
  • Binding corporate rules - INTERNAL and legally-binding rules approved by DPAs for businesses in multiple countries.
  • Approved binding and enforceable sector codes of conduct and certification mechanisms.
  • Standard contractual clauses - approved by EC or DPA (and then adopted by EC).
  • Ad hoc contractual clauses - must be approved by DPA.
  • Approved codes of conduct and certification mechanisms.
  • International treaties.

Note: Transfer Impact Assessments must also be undertaken alongsiide use of Standard Contractual Clauses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Name six aspects that should be addressed within a transfer impact assessment.

A
  • Transfer flows.
  • Transfer tools.
  • Sufficiency of local laws in host jurisdiction(s).
  • Identification and development of supplementary measures.
  • Implementation of formal procedural steps.
  • Periodic re-evaluation.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What seven derogations may be used to legitimise an international/ex-EEA data transfer?

A
  • Consent.
  • Performance of a contract with the DS - must be an ABSOLUTE NECESSITY (e.g. travel agency booking overseas).
  • Public interest.
  • Establishment or defence of legal claims.
  • Vital interests.
  • Transfer from a register of public information.
  • Legitimate interests - limited data transfers only (not repetitive) wiith appropriate balancing of DS rights and freedoms.

Transfers may also be made to third countries in restricted circumstances for the purposes of foreign law enforcement requests and important reasons of public interest.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CIPP/E Preparation (11 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions