I got a great question from a business friend of mine, and I wanted to provide my answer here, too, because it is something all multi-national organizations need to think about. Eric Nelson, who heads Secure Privacy Solutions asked, “If a company collects and manages PII from another country, e.g., India or the U.S., and transfers that PII to the E.U. for some type of processing or storage or even just transit, does the E.U. Data Directive apply once that PII leaves a country within the E.U.?”
Posts Tagged ‘cross border data flow’
Whose PII Is Covered Under the EU Data Protection Directive?
Tuesday, August 5th, 2008UK Annual Privacy Report: Businesses Need To Give Individuals Access to Their PII, and More Awareness and Training Is Needed
Wednesday, July 18th, 2007Data Protection & Privacy Noncompliance Fines Increasing in France
Monday, July 16th, 2007The French Data Protection Authority (CNIL) made some interesting statements last week in their annual report, covering June 2006 through June 2007, about some fines they’ve given during the past 12 months for non-compliance with their data protection laws.
France Fines Tyco Healthcare: U.S. Companies, You MUST Know and Follow International Data Protection Laws
Monday, May 7th, 2007In April the French Data Protection Authority (CNIL) reported they had issued a $40,972 fine against a subsidiary of U.S.-based Tyco Healthcare in March for inadequate storage safeguards and cross-border transfer of employee personally identifiable information (PII).