Cross-Border Data Transfers Flashcards

1
Q

Options for cross-border data transfers as defined in the GDPR

A

(1) Adequacy decisions
(2) Appropriate safeguards
(3) Derogations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which body makes adequacy decisions?

A

European Commission

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Canada is deemed adequate under what provision?

A

Data protected by PIPEDA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

The USA is deemed adequate under what provision?

A

EU-US Privacy Shield

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Privacy Shield Requirements include:

A
  • Commit to the Privacy Shield Principles
  • Publicize that commitment
  • Publicly disclose the orgs privacy policy
  • Implement the Principles
  • Annually renew the certification
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Privacy Shield Principles include:

A
  • Notice
  • Choice
  • Accountability for onward transfers
  • Security
  • Data integrity and purpose limitation
  • Access
  • And recourse, enforcement, and liability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Appropriate safeguards include:

A
  • Binding Corporate Rules (BCRs)
  • Standard contractual clauses
  • Approved codes of conduct or cert. mechanisms
  • Ad hoc contractual clauses
  • Reliance on international agreements
How well did you know this?
1
Not at all
2
3
4
5
Perfectly