Get Ready: Vendor Compliance and the UK’s Proposed TRA, IDTA and Amended EU SCCs

Less than a month ago, the Information Commissioner’s Office (ICO) revealed its draft for “how organisations can continue to protect people’s personal data when it’s transferred outside of the UK.” This consultation, which ends Oct. 7th, asks for responses to three core elements, which are 1) Proposal and plans for updates to guidance on international transfers; 2) Transfer risk assessments (TRA); and 3) The international data transfer agreement (IDTA). Additionally, the ICO has released a draft of its UK Addendum to the EU Commission Standard Contractual Clauses (SCCs). Why is this important? According to the ICO: “The IDTA will replace the current standard contractual clauses (SCCs) to take into account the binding judgment of the European Court of Justice in a case commonly known as ‘Schrems II’. The ruling required organisations to carry out further diligence when making a transfer of personal data outside of the UK to countries without an adequacy decision.” Given that vendors are often participants in these data transfers, the way you work with many of them will likely change.


In this 30-minute webinar, we’ll outline:

  • The ICO announcement regarding personal data transfers and why it matters
  • Anticipated impact of the IDTA on your vendor management strategy
  • Steps to take today to ready your organisation for potential changes
  • What the ICO Guidance, IDTA, TRA, and Amended EU SCCs mean in practice


The speaker Linda Thielová 's profile image
Linda Thielová

Head of Privacy CoE, DPO


Watch Video

Note: All fields marked with * are required
(Important: event info will be sent to this e-mail address.)

I’d like email updates on local privacy events and news, resources and products to stay connected with my community. Unsubscribe at any time.

I’d like a solution expert to provide product information or show me a custom demo of the OneTrust platform

How would you like us to contact you?

Privacy Notice

You can learn more about how we handle your personal data and your rights by reviewing our privacy notice.

You might also be interested in

SEPTEMBER 17, 2021

OneTrust Recognized in 2021 Gartner® Critical Capabilities​ for IT Risk Management​

SEPTEMBER 16, 2021

OneTrust Recognized in the 2021​ Gartner® Magic Quadrant™ for IT Risk Management​

SEP 28, 2021

Discover, Classify, and Govern Your Data in Box with OneTrust DataGovernance

SEP 21, 2021

Prepare for the Schrems II September Deadline

SEP 28, 2021

OneTrust ESG Enterprise Solution

SEP 30, 2021

C-Suite Panel: Building a Third-Party Risk Strategy Across Security, Privacy, Ethics, and ESG

SEP 21, 2021

Controller or Processor? EDPB Guidelines Unpacked


OneTrust Recognized in 2021 Gartner® Critical Capabilities for IT Vendor Risk Management Tools*

Onetrust All Rights Reserved