This blog post was first published on February 14th, 2017.
With the upcoming first annual review of the EU/US Privacy Shield in September 2017, the article written by Justine Brown explores the status of the pact that regulates the transfer of data across the Atlantic and the important role Chief Information Officers (CIOs) in tech industries play in ensuring adherence to the policy.
The responsibility of CIOs since the establishment of the EU/US Privacy Shield is to ensure that the organization moves data around the world in a rapid and secure manner, while maintaining trust between the company and its customer. CIOs must be familiar with the privacy shield, not only to ensure adherence to European data protection privacy rules, but also because by understanding the rules, CIOs can become more creative in maintaining cost efficient IT systems. Specifically, Brown, quoting Eduard Goodman of CyberScout, a north american cybersecurity company, notes that,”proper use of Privacy Shield to structure IT infrastructure in any international business can be worthwhile in and of itself as it can also potentially save operational expenses and IT budget expenses.”
Beyond cost effectiveness and trust, CIOs need to work to ensure that the IT systems are up-to-date and continuously monitor privacy agreements, and maintain necessary process and technology tools to ensure adherence to the privacy shield.
However, one thing noted by Goodman is that all CIOs should keep in mind that the Privacy Shield might not be around forever. As with its predecessor, Safe Harbor, and pending court cases regarding the validity of various aspects of the Privacy Shield, flexibility is key in navigating the laws and policies of cross atlantic data transfers.