To help US companies comply with EU guidelines, Rhymetec provides Privacy Shield consulting as part of our services for enterprise risk and compliance.
I What is Privacy Shield
The Privacy Shield program is a framework created by the US Department of Commerce, the European Commission and Swiss Administration to provide companies with a mechanism for complying with data protection requirements when transmitting personal information across the Atlantic. Designed to support transatlantic commerce, the Privacy Shield program provides a set of enforceable protections for the personal data of EU citizens. US-based companies wishing to collect and use personal data of EU individuals must meet certain requirements for data security, access, accountability, integrity and other principles to be compliant with the Privacy Shield requirements.
In theory, EU-based organizations will only transfer personal data to US companies that are listed by the US Department of Commerce as being compliant with the Privacy Shield. US companies can self-certify on the Department of Commerce website. Self-certification places companies under legal obligation to be compliant, and compliance failures may result in prosecution.
I Why it’s a good idea
Privacy Shield requirements may mean significant changes for some US companies in the way that personal data is collected, used and stored. For organizations seeking help to manage Privacy Shield risk and compliance, Rhymetec provides leading expertise, solutions and security technology.
I How we do it