Resource

Schrems II Action Plan: How Working with Vendors Will Change

In July 2020, the CJEU’s Schrems II judgment invalidated the EU-US Privacy Shield and required additional safeguards when using standard contractual clauses (SCCs) to transfer personal data from the EU to non-EU/EEA third countries. As a result, many organizations had to find alternative mechanisms to lawfully transfer personal data and evaluate the level of data protection in third countries. Since then, organizations have eagerly waited for the European Data Protection Board (EDPB) to provide clarity in its final Schrems II recommendations on supplementary measures for international personal data transfers. On June 18th, the EDPB released that guidance.

 

The EDPB’s recommendations outline a six-step roadmap to ensure the lawfulness of personal data transfers and describe specific technical, contractual, and organizational measures data exporters and data importers should consider implementing to ensure that transferred personal data enjoys an essentially equivalent level of data protection as that guaranteed in the EU.

 

So, what does this mean for your vendor risk management strategy? In this 30-minute webinar, we’ll discuss practical steps for adapting your vendor risk management strategy to meet the EDPB’s guidance. This will include:

  • Overview of the six-step roadmap for international personal data transfers
  • Key aspects to consider for assessing a third-country’s level of personal data protection
  • How to evaluate and adopt supplementary measures for personal data transfers
  • Next steps for your vendor risk management program

Watch Video

Note: All fields marked with * are required
(Important: event info will be sent to this e-mail address.)

I’d like email updates on local privacy events and news, resources and products to stay connected with my community. Unsubscribe at any time.

I’d like a solution expert to provide product information or show me a custom demo of the OneTrust platform

How would you like us to contact you?

Privacy Notice

You can learn more about how we handle your personal data and your rights by reviewing our privacy notice.

Onetrust All Rights Reserved