The European Commission released its draft Decision on the adequacy of the new EU–U.S. Privacy Shield program, accompanied by the new Principles along with information on how the Program will work. The new arrangement will require that companies meet stronger obligations to protect the personal data of Europeans and introduces stronger monitoring and enforcement by the US Department of Commerce (DOC) and the Federal Trade Commission (FTC). Now more than ever, companies need guidance to ensure requirements under the new framework are met.
Companies come to TRUSTe when they’re concerned about the protection of customer and HR data in their global operations. Business teams especially want to mitigate any risks when expanding or acquiring operations in Europe requiring the collection, use and transfer of EU customer or employee data to non-EU nations.
Securing EU-US Privacy Shield Self-Certification should be a critical component of your global compliance strategy as it will provide you with a mechanism for establishing “adequate” protections required for cross-border data transfer under EU laws.
EU-US PRIVACY SHIELD Solutions
TRUSTe offers three (3) packages* to provide the level of EU-US Privacy Shield support that your organization needs.
| Dispute Resolution Package | Assessment Package | Verification Package | |
|---|---|---|---|
| Dispute Resolution | |||
| Privacy Feedback Button | |||
| Comprehensive Assessment | |||
| Findings Report | |||
| Tracker Scanning | |||
| Ongoing Guidance | |||
| Searchable Audit Trail | |||
| Remediation / Validation | |||
| Privacy Certification Seal | |||
| Letter of Attestation | |||
| EU-US Privacy Shield Registration Guidance |
*TRUSTe can initiate your Privacy Shield review based on the draft Privacy Principles, and will conduct the final review upon ratification of the Privacy Principles.
If you want to address both Privacy Shield and Model Contract Clause compliance, check out our comprehensive two-in-one EU Data Transfer Privacy Assessment solution.
Key Benefits
- Accountability-on-demand to respond to any inquiries, providing searchable evidentiary support of your privacy compliance
- Demonstrated privacy commitment to build trust with users, clients, business partners, and regulators
- Streamlined process minimizes disruption to your daily business operations and lightens the load for your in-house team
- Flexibility to extend assessment to certification with remediation guidance and verification
DISPUTE RESOLUTION FEATURES
Dispute Resolution
TRUSTe provides a third-party dispute resolution service, which helps you efficiently manage privacy inquiries from customers, and addresses the dispute handling requirements of the EU-US Privacy Shield (which replaces “US-EU Safe Harbor”) Framework.TRUSTe Privacy Feedback Button
We provide you with external demonstration to consumers, business partners and regulators that your company uses TRUSTe technology and tools to manage privacy related questions or concerns. The Powered by TRUSTe Privacy Feedback Button may be placed on your digital Privacy Policy page and links to a mechanism for consumers to submit questions or feedback.
ASSESSMENT FEATURES
Our Assessments provide you with the information you need to take control with specific steps to mitigate risks.
Comprehensive Assessment
We first define the scope of assessment by business units, product/service lines, and digital properties (websites, apps, cloud platforms). Then determine whether to extend review to employee data or offline practices. A dedicated Privacy Solutions Manager (PSM) works with your team to efficiently guide discovery of necessary information, including relevant data flows. We then evaluate your privacy policies and practices against the EU-US Privacy Shield (which replaces “US-EU Safe Harbor”) Framework requirements.Findings Report
Our team delivers a findings report with a gap analysis dashboard and remediation recommendations so you have the privacy risk information you need to take actionable steps.Tracker Scanning
TRUSTe will apply proprietary scanning technology to the applicable digital properties providing comprehensive insight into personally identifiable information (PII) data collection, first and third party trackers on your property, and level of risk through the Privacy Sensitivity Index (PSI).Ongoing Guidance
You also get access to TRUSTe privacy experts for ongoing policy guidance, along with educational webinars, events, whitepapers, client advisories, privacy tips and research.Searchable Audit Trail
All of your assessment work and supporting documentation is available in a central repository for you to easily search, providing you with a way to respond to inquiries and demonstrate compliance for internal / external audits.VERIFICATION FEATURES
With Assessment results in hand, you have the flexibility to choose whether to obtain additional support for your EU-US Privacy Shield (which replaces “US-EU Safe Harbor”) Self-Certification with the Department of Commerce.
Remediation / Validation
We assist with any necessary remediation steps, including providing relevant templates and process change advice. We then validate that your privacy statements accurately reflect your privacy practices and are consistent with EU-US Privacy Shield (which replaces “US-EU Safe Harbor”) requirements.Letter of Attestation
As proof of TRUSTe Certification, an official Letter of Attestation can be shared with your business partners, providing your organization with competitive differentiation.EU-US Privacy Shield Registration Guidance
TRUSTe will assist with EU-US Privacy Shield Registration and include TRUSTe as named independent Verification Agent and Dispute Resolution Provider, along with notation of membership in TRUSTe Privacy Programs. This provides your organization with a strong submission for EU-US Privacy Shield Self-Certification.TRUSTe Privacy Certification Seal
Once certified, we will authorize your use of the TRUSTe Certified privacy seal for display on your digital properties. The seal will be hosted by TRUSTe and linked to a TRUSTe Validation Page to provide verification along with an easy-to-understand consumer notice that you meet globally recognized privacy requirements, including the EU-US Privacy Shield, upon which the TRUSTe Standards are based.
ADDRESS A WIDE RANGE OF PRIVACY CHALLENGES
We provide a number of service tracks specifically designed to tackle the most important privacy challenges faced by our clients. TRUSTe EU-US Privacy Shield (which replaces “US-EU Safe Harbor”) Assessments and Certifications are part of our broad range of privacy services. You may also be interested in our Enterprise, Asia Cross Border, or Kids Privacy services to further expand your risk and compliance management efforts. Learn More »
TRUSTe Privacy Professionals
TRUSTe Privacy Services are delivered by our Privacy Consultants and Privacy Services Managers, a team of recognized data privacy experts with significant experience conducting privacy assessments. Our team has a unique hybrid background of privacy, technology, business process, and project management experience. All are CIPP trained or certified, many have law degrees, and have hands-on experience working for a wide range of companies including Adobe, American Express, Citrix, Comcast, HSBC Bank, IBM, Kimberly-Clark, Microsoft, Pfizer, and many more.
Our privacy team leverages nearly 20 years experience delivering data privacy management solutions for thousands of global brands along with our comprehensive technology platform. We also have key regulatory relationships and are a leading provider of privacy services supporting regulatory and self-regulatory compliance programs for a wide range of agencies including APEC, DOC, DAA, EDAA, and FTC.
TRUSTe Technology Platform
Our Data Privacy Management Services leverage the TRUSTe Platform, a comprehensive, SaaS technology solution that provides state of the art assessment management, compliance control, and website scanning / monitoring capabilities.
