We are proud to announce our certification under the EU-U.S. Privacy Shield for the transfer of personally identifiable information (PII) from the European Union (EU) to the United States (U.S.).
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and the European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the EU to the U.S. in support of transatlantic commerce. Privacy Shield officially launched on August 1, 2016.
The Privacy Shield Principles comprise a set of seven commonly recognized privacy principles:
- Accountability for Onward Transfer
- Security, Data Integrity and Purpose Limitation
- Recourse, Enforcement and Liability
These seven principles, combined with 16 equally binding principles, lay out a set of requirements governing participating organizations’ use and treatment of personal data received from the EU under the Framework as well as the access and recourse mechanisms that participants must provide to individuals in the EU. Once an organization publicly commits to comply with the Privacy Shield Principals, that commitment is enforceable under U.S. law.
Privacy Shield replaces the EU-U.S. Safe Harbor Program after Safe Harbor was invalidated by the European Commission for several reasons, not the least of which was that it did not do enough to safeguard PII. Additionally, companies self-certified to the program, and there was little oversight or regulatory enforcement for failure to adhere to Safe Harbor. Privacy Shield is intended to address these issues both by setting a higher bar and by allowing for stronger enforcement.
An organization seeking assurance of the benefits of Privacy Shield must self-certify annually to the U.S. Department of Commerce’s International Trade Administration (ITA) that it adheres to the Privacy Shield Principles in order to remain on the Privacy Shield List.
At ClearStar, we have always strongly believed in the protection of PII, and we welcome the enhancements of Privacy Shield. We are excited to be among the first companies to certify under Privacy Shield, not only because it allows us to showcase an already strong privacy program, but also because the process provided us opportunities to improve our existing programs. Although the application process took a lot of work from our team, we believe it allows us to better serve our customers, and will help them in obtaining their own Privacy Shield certifications, if appropriate.
ClearStar received certification on Monday, September 19, 2016 from the U.S. Department of Commerce. The ClearStar Privacy Shield Certification can be found here: https://www.privacyshield.gov/list.
For more information about Privacy Shield, go to https://www.privacyshield.gov.
If you are interested in learning more about Privacy Shield, don’t miss our ClearStar Academy webinar on the topic—details coming soon!