How does GDPR apply to the transfer of personal data from an EU entity to an international organization?

“Entities subject to the GDPR that exchange personal data with international organisations have to comply with the GDPR, including its rules on international transfers (Chapter V of the GDPR),” says the European Data Protection Board in a

Will the CCPA entitle the State of California to adequate status for transfers of personal data from the EU?

“The CCPA has many of the basic criteria that the EDPB’s adequacy guidance document notes must be present in the legal system to meet the adequacy standard. For example, the CCPA employs a similarly expansive definition

According to Rochelle Osei-Tutu, an International Trade Specialist at the U.S. Department of Commerce, over 4,000 companies have already registered for EU-US Privacy Shield and 2,600 for the Swiss-US Shield. Of them, 1,300 cover cross-border flows of HR data. Eighty percent of registered companies are small and medium-sized businesses, but many Fortune 500 companies are

The European General Data Protection Regulation (GDPR) comes into force on May 25, 2018.  This gives companies only two months to prepare for and comply with the GDPR. Companies should be conducting data mapping to identify all cross-border transfers of personal data so that they can determine the best way to comply with the GDPR

Luxembourg politician Viviane Reding proposed three years ago to overhaul the EU Data Protection Directive. Now, European Union officials have settled on an agreement to replace the Directive with new privacy legislation called the General Data Protection Regulation (GDPR). It is not EU law just yet, but the EU Parliament is expected to fully approve

Privacy officials in Germany penned a position paper arguing that standard contract language and binding corporate rules do not adequately provide data protections necessary for legal U.S.-EU data flows. These two data transfer alternatives to Safe Harbor are not viable.

Binary code on the European continent from space, illustrating European Union data privacyThe German data protection authority (DPA) recommended a path of informed consent. U.S. companies should