Almost a year ago the European Court of Justice ruled that the EU-US Safe Harbour process that had long been in place to authorise personal data transfers from the EU to the US was inadequate to protect the rights of European citizens. Whilst most small businesses may not actively transfer data to the US they may find that their email provider does or they inadvertently do through use of cloud based file sharing systems like Dropbox.
After much debate, discussion and no doubt political wrangling a new process has finally been agreed and implemented. Called the EU-US Privacy Shield, this places stronger privacy requirements on US companies. The Information Commissioner’s Office (ICO) has recently published a blogpost summarising the new position on what steps organisations that transfer personal data to the US should take. For more details see:
To check whether your provider is signed up to the new EU-US Privacy Shield see the US Department of Commerce Privacy Shield website: