EU-U.S. Privacy Shield GDPR
What is Privacy Shield Certification?
The EU Privacy Shield framework was developed by the U.S. and European Union to safeguard private data transmission between the two continents.
The privacy shield agreement sets standards for both employee and customer data transfers, as well as any use of third party vendors.
So if your business or organization exchanges data between the U.S. and E.U., you'll want to strongly consider privacy shield self-certification to ensure all data privacy shield requirements are met.
GDPR vs Privacy Shield: Understanding the Difference
Though they are directly related, Privacy Shield and GDPR are distinct.
The General Data Protection Regulation (GDPR) is a set of legal requirements for protecting the privacy and security of the personal data of citizens or residents of the European Union.
Privacy Shield is a framework designed to facilitate data transfer between the European Union and the United States while complying with Europe's data protection laws.
Who Is Subject to Privacy Shield/GDPR Compliance?
Whether based in the EU or not, any organization that handles the data of citizens or residents of the European Union is subject to the GDPR.
Going through Privacy Shield is initially voluntary, but once an organization complies with the framework and self-certifies, it becomes legally required to comply with the requirements.
How to Comply With GDPR Under Privacy Shield
To comply with the GDPR under Privacy Shield, an organization must join the Privacy Shield GDPR program and self-certify, which requires the following steps:
- Confirm that your organization is eligible for the program
- Create a compliant privacy policy statement
- Clarify what your organization's recourse mechanism will be
- Pay the arbitration fund fee
- Implement a compliance verification process
- Select an individual within your organization to serve as the Privacy Shield contact
- Review requirements and submit your organization's self-certification
RSI Security's GDPR compliant services provide expert guidance to ensure a smooth and successful self-certification process.
The Importance of the Privacy Shield Certification
Though Privacy Shield certification is voluntary, it may be the best data privacy certification for organizations handling significant amounts of personal data from Europe.
Organizations that join show their commitment to digital security, safeguarding personal data, and taking the initiative to adhere to a higher standard. Additionally, doing so helps ensure the implementation of robust security controls, reflects well on your organization, and furthers industry efforts to encourage higher standards worldwide.
Non-Compliance Penalties
Failing to comply with Privacy Shield GDPR requirements after joining the program could lead to penalties of up to $40,000 per day or per violation.
Prepare for EU-US Privacy Shield Self Certification
RSI Security provides a wide range of assessment, verification and dispute resolution services throughout the Privacy Shield Self-Assessment process:
Overview of RSI Security's Privacy Shield Program
Make Privacy Shield self-certification a breeze with the guidance and expertise of RSI Security's EU Privacy Shield Framework program. As one of the top data protection vendors in the country, RSI Security will help ensure that you're up to Privacy Shield US-EU standards.
Showing your Privacy Shield certification is now a critical element in any effective, global cybersecurity compliance strategy. RSI Security will help you become one of the many Privacy Shield certified companies, from your Privacy Shield application through self-certification.
Benefits of Working with RSI Security
How can RSI Security Assist Your Organization with Privacy Shield Self-Certification?
RSI Security has all the bases covered when it comes to your Privacy Shield self-certification.
Privacy Shield Assessment
We'll help you tick all the boxes of the privacy shield checklist. RSI Security will conduct a complete gap analysis of your data security and transfer practices and help fill in any gaps to help you meet privacy shield agreement standards.
Custom Privacy Review
RSI Security's custom privacy review process will guide what actionable steps need to be taken in order to achieve Privacy Shield self-certification. Our team will review your organization's current technologies, processes and practices prior to verification.
Verification & Maintenance
Once your Privacy Shield certification is complete, we'll make sure you're verified and ready to tell your team and partners that you're good to go. Our third-party verification services also go hand-in-hand with ongoing privacy certification training to ensure year-round compliance.
Privacy Shield and GDPR FAQs
Privacy Shield is not intended to facilitate compliance with GDPR in its entirety.
It's a framework for participating organizations to meet the European Union's requirements for transferring the personal data of its citizens and residents to outside countries, which are detailed in Chapter five of the GDPR.
Yes, Privacy Shield still acts as a mechanism for handling EU personal data per the legal requirements of the GDPR, and active participants are still legally required to comply.
Participation in Privacy Shield is voluntary at first. However, upon committing to the framework, compliance becomes legally required.
The seven primary Privacy Shield principles are:
- Notice
- Choice
- Accountability for Onward Transfer
- Security
- Data Integrity and Purpose Limitation
- Access
- Recourse, Enforcement, and Liability
All participating organizations must follow these and the 16 supplementary principles for Privacy Shield certification.
Organizations pursuing EU-U.S. Privacy Shield certification must contribute to the framework's arbitration fund by paying a fee based on annual revenue as follows:
- Up to $5 million: $250
- Over $5 million to $25 million: $650
- Over $25 million to $500 million: $1,000
- Over $500 million to $5 billion: $2,500
- Over $5 billion: $3,250
The fee increases for organizations that also certify for the Swiss-U.S. frameworks, and annual recertification costs $50.