OneTrust today announced a range of free Schrems II Solutions to help organizations respond to the operational challenges posed by the Schrems II decision. These solutions will help organizations identify existing data transfers and mechanisms, use pre-built templates to assess the validity of those relying on Standard Contractual Clauses (SCCs), and manage any required contract updates and vendor changes.
To legally transfer personal data from the EU to a third country, it must be shown that the recipient country and company have an equivalent level of data protection to that of the GDPR. With its judgment on the Schrems II case in July 2020, the Court of Justice of the European Union (CJEU) invalidated and cast doubt upon the two most common mechanisms relied on for transfers the United States: EU-US Privacy Shield and SCCs, respectively. While SCCs are still valid, they will require case-by-case consideration and it is unlikely that SCCs alone will establish GDPR equivalency.
To support the operational challenges posed to organizations by the CJEU’s ruling, OneTrust launched free Schrems II Solutions to assist controllers in identifying and validating data transfers with OneTrust Vendor Risk Management, Vendorpedia Exchange, Data Mapping, and DataGuidance. OneTrust’s Schrems II Solutions will help organizations:
OneTrust’s solutions also help processors implement holistic privacy programs, track guidance on compensating controls for GDPR equivalency, and implement those controls as they are identified.
“The Schrems II ruling presents a brand-new set of challenges and we want to help our customers adapt their processes to continue to transfer personal data in line with the law,” said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). “With OneTrust’s Schrems II Solutions, organizations can evaluate alternatives to Privacy Shield and demonstrate accountability when continuing to rely on SCCs for those transfers.”
OneTrust, OneTrust Schrems II Solutions, OneTrust Data Mapping, OneTrust Vendor Risk Management, Vendorpedia, Vendorpedia Exchange, and DataGuidance are registered trademarks or trademarks of OneTrust LLC or its subsidiaries in the United States and other jurisdictions.
OneTrust’s Schrems II Solutions are available today with new templates added over the coming weeks.
OneTrust is the #1 fastest growing and most widely used technology platform to help organizations be more trusted, and operationalize privacy, security, data governance, and compliance programs. More than 6,000 customers, including half of the Fortune 500, use OneTrust to build integrated programs that comply with the CCPA, GDPR, LGPD, PDPA, ISO27001, and hundreds of the world’s privacy, security, and compliance frameworks.
The OneTrust platform is powered by the OneTrust Athena™ AI and robotic automation engine, and our offerings include: