Your company might be certified, but are your vendors? Might your firm be liable for your clients data transfers between vendors such as eDiscovery firms, Insurance Agencies, Expert Witnesses?
According to FTC Comissioner *Julie Brill, US and EU firms should strive to do the following:
-Adopt privacy by design; -Increase transparency; -Enhance consumer control; -Improve data accuracy and consumers’
access to their data; -Strengthen data security; -Provide parental control over information
companies collect about children; and -Encourage accountability.
Safe Harbor Lookup/Search
http://safeharbor.export.gov/list.aspx
The *U.S.-EU Safe Harbor Framework provides a method for U.S. companies to transfer personal data outside the European Union in a way that\’s consistent with the EU Data Protection Directive. To join the Safe Harbor, a company must self-certify to the Department of Commerce that it complies with EU standards. The FTC enforces the promise that companies make when they certify that they participate in the Safe Harbor Framework.
Sources: http://business.ftc.gov/us-eu-safe-harbor-framework