Great New Privacy Guidance Tools From The EU

Do you have any customers in any of the 27 European Union (EU) countries? Do you have any personnel in the EU? COULD YOU have?
Any company sending or receiving personally identifiable information (PII) of a very wide range of possibilities…many more items are considered as PII outside of the U.S. than within the states…to or from other countries must abide by the data protection (read “privacy”) laws for those countries. The EU Data Protection Directive (95/46/EC) establishes the minimum PII data protection requirements that ALL companies, any where in the world, must follow to send PII for their citizens over their country borders. Each of the EU countries also have specific data protection laws that may be even more restrictive than the EU Data Protection Directive (95/46/EC).


Can complying with all these rules be complicated? You bet! However, you MUST work toward protecting PII, based upon risk and to meet data protection laws compliance, otherwise you could face hefty fines, face being told to stop doing business in those countries until you get into compliance, or even face law suits.
On July 8 the Article 29 Working Party (the group of data privacy officials from each EU country) issued a very helpful “toolbox” of guidance for organizations and EU data protection authorities (DPAs) to help them use binding corporate rules (BCRs) to try and meet the security, privacy and compliance challenges of sending PII over country borders.
FYI…BCRs were created in 2003 to help organizations that have customers and/or personnel multiple EU countries to send and receive PII across country borders without being in noncompliance of the EU Data Protection Directive (95/46/EC), which REQUIRES that PII can only be transferred across country borders if ADEQUATE (as determined by the Article 29 Working Party) security is in place.
Even if you do not have customers or personnel in the EU, there is some great guidance within these documents.

Check them out!

Tags: , , , , , , , , ,

Leave a Reply