Skip to main content

On-demand webinar coming soon...

Press Release

OneTrust Expands Schrems II Solutions

June 21, 2021

OneTrust announced today enhancements to our range of Schrems II Solutions to help organisations comply with the European Data Protection Board’s (EDPB) recommendations on measures that supplement transfer tools following the Schrems II decision. OneTrust’s Schrems II Solutions help both EU exporters and importers comply with the latest EDPB guidance.

Register for the webinar: Schrems II Fallout Continued: Finalised EDPB Recommendations Released 

In July 2020, the Court of Justice of the European Union (CJEU) ruled on the Schrems II case, invalidating the EU-US Privacy Shield. This decision required many organisations to evaluate alternative data transfer mechanisms to comply with personal data transfer requirements under the GDPR. In November, along with the release of a set of revised Standard Contractual Clauses (SCCs) by the European Commission, the EDPB released draft guidelines on “supplementary measures” to ensure compliance with the EU’s level of personal data protection when transferring personal data from the EU to a third country. Today, the EDPB finalised those guidelines after a public consultation period.

The EDPB guidelines provide a roadmap data exporters can follow to ensure that personal data transfers are lawful and that they satisfy the GDPR’s accountability principle under Article 5(2). They also outline a set of contractual, organisational, and technical measures that can be implemented with the support of data importers to bring the data protection standards in line with the EU’s level of protection when transferring data to a third country. The key updates to this guidance include the following:

  • Exporters should recognise the importance of examining third country public authorities’ practices in their legal assessments to help determine whether the legislation or practices hinder the effectiveness of the Article 46 transfer tool. 
  • Exporters may want to consider the practical experience of the importer when carrying out their assessments. 
  • The effectiveness of the data transfer tool may be affected by the legislation of the third country destination allowing its authorities to access the transferred data, even without the importer’s intervention.

 

Operationalise the EDPB Guidelines with OneTrust Schrems II Solutions

OneTrust is helping both data exporters and importers operationalise the EDPB’s finalised guidelines with an enhanced set of tools, guidance, and templates live in the platform today.

For data exporters, OneTrust’s Schrems II Solutions help carry out the EDPB’s six step roadmap, including pre-built templates to assess third countries, perform Transfer Impact Assessments (TIAs), and evaluate the effectiveness of supplementary measures. OneTrust helps exporters:

  • Map Transfers: Centrally document and visualise all cross-border transfers, related data importers, and the third countries involved. 
  • Verify Transfer Tool: Document and verify the transfer mechanism for each transfer, enabling a risk-based approach to prioritise further analysis. 
  • Assess Effectiveness: Leverage pre-built templates and research to carry out Transfer Impact Assessments (TIAs) in collaboration with the data importer to determine if the documented transfer tool is effective in the context of each transfer. 
  • Adopt Measures: If the transfer tool is deemed ineffective, use pre-built templates based on the EDPB guidelines to determine the technical, contractual, or organisational supplementary measures that can be adopted. 
  • Update Contracts: Action any necessary steps from the analysis, such as updating contracts and implementing technical controls. 
  • Monitor and Revaluate: Monitor third-country developments and evaluate new transfers to ensure that supplementary measures remain effective and data importers honour their commitments

For data importers, OneTrust helps operationalise privacy and security programs through the OneTrust privacy, security, and data governance platform, ensuring that the proper operational processes, technical controls, and compliance mechanisms have been implemented across the organisation. In addition to these foundational elements, OneTrust provides solutions to help data importers with specific operational challenges of Schrems II and the EDPB guidelines, including:

  • Third Country Assessments: Prepare for requests from data exporters by proactively assessing third countries with pre-built assessment templates and third-country comparison from OneTrust DataGuidance 
  • Transparency Reporting: Be transparent about government surveillance requests by creating, managing, and centrally hosting a Transparency Report as part of your privacy policy 
  • Assessment Response Automation: Streamline response to the increased volume of Transfer Impact Assessments from data exporters by answering questions once to create a central answer bank, and then auto-applying those answers to subsequent questionnaires using AI and NLP technology

Register for the webinar: Schrems II Fallout Continued: Finalised EDPB Recommendations Released

“The EDPB’s final guidance on supplementary measures sets clear benchmarks for organisations as they work towards safe and reliable data transfers following the Schrems II decision and the invalidation of the EU-US Privacy Shield,” said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). “OneTrust’s expanded range of solutions, research, and guidance will help organisations comply with these guidelines and better operationalise their privacy program.”

For information on how OneTrust can support compliance with the Schrems II decision and the EDPB’s latest guidance, visit onetrust.com/schrems

OneTrust, OneTrust Schrems II Solutions, and OneTrust DataGuidance are registered trademarks or trademarks of OneTrust LLC or its subsidiaries in the United States and other jurisdictions.   

 

About OneTrust

OneTrust is the #1 fastest-growing company on Inc. 500 and the category-defining enterprise platform to operationalize trust. More than 10,000 customers, including half of the Fortune Global 500, use OneTrust to make trust a competitive differentiator, implementing central agile workflows across privacy, security, data governance, GRC, third-party risk, ethics and compliance, and ESG programs.

The OneTrust platform is backed by 150 patents and powered by the OneTrust Athena™ AI and robotic automation engine, and capabilities include:

  • OneTrust Privacy - Privacy Management Software 
  • OneTrust DataDiscovery™ - AI-Powered Discovery and Classification 
  • OneTrust DataGovernance™ - Data Intelligence Software 
  • OneTrust Vendorpedia™ - Third-Party Risk Exchange 
  • OneTrust GRC - Integrated Risk Management Software 
  • OneTrust Ethics - Ethics and Compliance Software 
  • OneTrust PreferenceChoice™ - Consent and Preference Management Software 
  • OneTrust ESG – Environmental, Social & Governance Software

OneTrust has raised a total of $920 million in funding at a $5.3 billion valuation from Insight Partners, Coatue, TCV, SoftBank Vision Fund 2, and Franklin Templeton. OneTrust’s fast-growing team of 2,000 employees is co-headquartered in Atlanta and London with additional offices in Bangalore, Melbourne, Denver, Seattle, San Francisco, New York, São Paulo, Munich, Paris, Hong Kong, and Bangkok.

To learn more, visit OneTrust.com or connect on LinkedInTwitter, and YouTube.


You may also like

Infographic

Data Discovery & Classification

Data governance in manufacturing: Challenges and use cases

Learn the impact a data governance program has in manufacturing and how it enables greater efficiency across your supply chain

February 26, 2024

Learn more

Infographic

Data Discovery & Classification

What to look for in a data discovery solution

Make sure you choose the right data discovery solution for your organization with our comprehensive breakdown of key benefits and features to look for.

February 20, 2024

Learn more

Infographic

Data Discovery & Classification

Data governance in retail: Challenges and use cases

Learn how data governance can help manage the high volume and sensitivity of data that runs through your retail operations.

February 12, 2024

Learn more

Infographic

Data Discovery & Classification

Data governance in healthcare: Challenges and use cases

Learn how data governance can help your healthcare organization effectively manage its protected health information (PHI) and other sensitive data.

February 08, 2024

Learn more

Infographic

Data Discovery & Classification

Data governance in financial services: Challenges and use cases

Learn how data governance can help address common challenges in the financial services industry and protect your most critical information.

January 12, 2024

Learn more

Webinar

Data Discovery & Security

A guided tour of OneTrust Data Discovery magic

Our expert speaker will demonstrate how common real-world data challenges can be identified, addressed, and reported on, leading to better data governance, security, and alignment with business goals. 

October 26, 2023

Learn more

Webinar

Data Discovery & Security

Data minimization and risk assessment in data discovery

Explore the concept of data minimization and its crucial role in enhancing security, privacy, and reducing risk.

October 19, 2023

Learn more

Webinar

Data Discovery & Security

Data Discovery Dispelled: Unmasking the mysteries of data

Join us for a journey into the heart of data management as we explore the depths of data within organizations and shed light on how technology can enhance data security, privacy, and compliance.

October 12, 2023

Learn more

Webinar

Data Discovery & Security

Data Discovery Dispelled: Data's dark corners

Join the first part of our Data Discovery Dispelled webinar series where we will discuss the hidden sensitive information that could pose risks for your organization.

October 12, 2023

Learn more

Report

Data Discovery & Security

OneTrust named a strong performer in 2023 Forrester Data Governance Wave​

Download The Forrester WaveTM: Data Governance Solutions, Q3 2023 report to see why OneTrust was named a strong performer.

September 26, 2023

Learn more

Data Sheet

Data Discovery & Security

Data Discovery and Security

Explore our OneTrust Data Discovery and Security data sheet to learn how you can discover and control your data while enabling your teams.

September 18, 2023

Learn more

eBook

Data Discovery & Classification

Ultimate guide to building a data governance program

Download this eBook and learn practical methods in building a flexible data governance program that aligns with your business.

August 14, 2023

Learn more

Webinar

Data Discovery & Classification

Live demo: OneTrust Data Discovery

See how OneTrust Data Discovery can help your organization achieve complete data visibility to empower your security program and reduce risk.

June 23, 2023

Learn more

Webinar

Data Discovery & Classification

Data responsibility: The information security professional’s higher purpose

Join OneTrust and KPMG for a dialogue with Information Security leaders on managing the balance between risk and reward when handling sensitive customer information.

June 20, 2023

Learn more

Webinar

Data Discovery & Classification

OneTrust Data Discovery Day: A deep dive into automating data discovery and classification

Join us for a two-hour deep dive into data discovery and how OneTrust helps privacy, IT, and security teams understaind their data and achieve risk reduction goals.

June 13, 2023

Learn more

Infographic

Data Discovery & Classification

How OneTrust Data Discovery integrates with Microsoft 365

Explore three key integration capabilities of OneTrust Data Discovery and Microsoft 365.

June 13, 2023 3 min read

Learn more

Report

Privacy & Data Governance

Gartner® Innovation Insights: Data Security Posture Management (DSPM)

Read this report from Gartner® that highlights some of the key capabilities needed in a DSPM.

 

May 30, 2023

Learn more

Webinar

Trust Intelligence

How the Onetrust platform is innovating to unlock the value of trust

Join this webinar to learn how OneTrust is enhancing its privacy management, data governance, and consent and preferences solutions to help organizations tackle data sprawl and enable regulatory agility.

May 24, 2023

Learn more

Data Sheet

Data Discovery & Security

Employee onboarding and offboarding management

Download our onboarding and offboarding management data sheet and learn how OneTrust Certification Automation can help reduce your risk exposure and improve compliance.

May 17, 2023

Learn more

White Paper

AI Governance

Navigating responsible AI: A privacy professional's guide

Download our white paper and learn how privacy teams help organizations establish and implement polices that ensure AI applications are responsible and ethical. 

May 03, 2023

Learn more

Infographic

Data Discovery & Classification

The CISO challenge: Data. Threats. Regulations.

Unstructured data poses risks due to its open access and lack of governance, and CISOs need to implement measures to track, de-risk, and protect it.

March 03, 2023

Learn more

Webinar

Data Discovery & Security

Insights & analytics: Digging into the data to measure and accelerate trust programs webinar

See how OneTrust Insights and Analytics empowers privacy, marketing, data, and security teams with reporting functionality using solution-based dashboards.

August 02, 2022

Learn more

Webinar

Data Discovery & Security

Rethinking trusted data

Join us for a discussion on the latest trends in trusted data and how you can take critical steps to build trust in data practices

May 24, 2022

Learn more

Webinar

Data Discovery & Security

Optimizing data usage through integrated data privacy and governance

Join us for a discussion on driving better business use and outcomes from data while ensuring regulatory requirements are met.

May 24, 2022

Learn more

Webinar

Data Discovery & Security

Build your foundation through data discovery & mapping

In this webinar we cover how data discover and mapping helps you streamline compliance with US privacy laws such as the CPRA, the CDPA, and Colorado's Privacy Act.

March 24, 2022

Learn more

Webinar

Data Discovery & Security

UK DSAR Automation: How Data Discovery enhances your DSAR workflow

Learn how OneTrust Data Discovery enhances DSAR workflow and automates the DSAR lifecycle in this webinar.

March 18, 2022

Learn more

Webinar

Data Discovery & Security

Data Discovery South Africa: How to create value and demonstrate trust through your data?

Watch this webinar and discover how automated data discovery is helping clients in South Africa create value and demonstrate trust. 

March 10, 2022

Learn more

Webinar

Data Discovery & Security

Data Discovery Türkiye: How to create value and demonstrate trust through your data?

Watch this webinar and discover how automated data discovery is helping clients in Türkiye create value and demonstrate trust. 

March 09, 2022

Learn more

Webinar

Data Discovery & Security

Data Discovery Hungary: How to create value and demonstrate trust through your data? | Resources | OneTrust

Watch this webinar and discover how automated data discovery is helping clients in Hungary create value and demonstrate trust.

March 08, 2022

Learn more

Webinar

Data Discovery & Security

Data Discovery Romania: How to create value and demonstrate trust through your data?

Watch this webinar and discover how automated data discovery is helping clients in Romania create value and demonstrate trust. 

March 08, 2022

Learn more

Webinar

Data Discovery & Security

Data Discovery Israel: How to create value and demonstrate trust through your data?

Watch this webinar and discover how automated data discovery is helping clients in Israel create value and demonstrate trust. 

March 05, 2022

Learn more

Webinar

Data Discovery & Security

Privacy automation: bridging the gap between compliance & data governance to deliver trusted public services

Learn how you can take the first steps towards data intelligence and advance your privacy program to the next phase of automation and maturity.

January 18, 2022

Learn more

Webinar

Data Discovery & Security

Automating the classification and mapping of sensitive data​

In this free webinar, learn how to automate the classification and mapping of sensitive data and speed compliance.

January 10, 2022

Learn more

Webinar

Data Discovery & Security

3 keys to a unified data governance program

Learn how properly governed data leads to better data quality, increased data intelligence and more trusted data. 

August 27, 2021

Learn more

Infographic

Data Discovery & Security

The 4 pillars of data intelligence

Learn the Four Pillars of Data Intelligence and discover how to develop an effective data program.

August 02, 2021

Learn more

Webinar

Data Discovery & Security

Data intelligence: Using and improving your data

In the final webinar in the series, we explore the final step on the path towards data intelligence - using and improving your data.

July 19, 2021

Learn more