What is the EU-US Privacy Shield?

The EU-US Privacy Shield is an agreement between the United States Department of Commerce and the European Union to safeguard the personal data of citizens of the European Union that is transferred to the United States. The agreement is designed to ensure that any organization in the United States that processes EU citizen data is compliant with the same standards for data protection applied within the EU. It addresses issues such as informing individuals of data collection practices, allowing individuals to access and correct their personal data, and creating an effective enforcement mechanism. The EU-US Privacy Shield was established in response to the invalidation of the EU-US Safe Harbor framework in 2015. It is a successor to the framework and provides EU citizens with increased privacy protection when their data is transferred to the United States. To be eligible for the EU-US Privacy Shield, organizations in the United States must self-certify, publicly affirm their commitment to comply with the Privacy Shield principles, and submit to a third-party dispute resolution process. In Pennsylvania, organizations that intend to process personal data of EU citizens must comply with the EU-US Privacy Shield as well as the state’s data security law. The law requires organizations to adopt reasonable data security measures to protect personal information from unauthorized access, use, or disclosure. Organizations are also required to notify individuals of any security breach which may cause harm to the individuals whose information may have been accessed or acquired.

Related FAQs

What is the role of data security in ecommerce transactions?
What is the Gramm-Leach-Bliley Act (GLBA)?
What is the right to be forgotten?
What is the Fair and Accurate Credit Transactions Act (FACTA)?
What is the purpose of the GDPR breach notification requirement?
What is the scope of HIPAA?
What is the Right to Access personal data?
What steps should I take to protect my data on the cloud?
What are common data security threats?
What is the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework?

Related Blog Posts

Top 5 Recent Developments in Data Security Law - July 31, 2023
Understanding the Impact of Data Security Law on Businesses - August 7, 2023
What is the GDPR and How Does it Apply to Data Security Law? - August 14, 2023
What is the Role of the Federal Government in Regulating Data Security Laws? - August 21, 2023
Are State Data Security Laws Compliant With GDPR Regulations? - August 28, 2023