MUNICH, July 16, 2020 /PRNewswire/ — Today, OneTrust announced it is expanding its current EU hosting options already available by OneTrust in response to the Schrems II decision. This expanded solution will help support customers respond to the impact on their business following today’s CJEU’s ruling invalidating the EU-US Privacy Shield as an appropriate mechanism to transfer personal data outside of the EU. While the CJEU upheld the use of Standard Contractual Clauses (SCCs), the decision has evoked industry uncertainty regarding using SCCs as the mechanism for data transfers to the US.
“The impact of this decision is immediate and global,” said Eduardo Ustaran, Partner and Global Co-Head of the Privacy and Cybersecurity practice at Hogan Lovells. “It goes significantly further than the invalidation of the Privacy Shield as it requires companies to bear in mind other countries’ powers over data access when engaging in global data flows. This is a big job.”
EU Containerised OneTrust Solution
OneTrust today offers hosting across the globe with data centres in Germany, France, Australia, Brazil, Canada, Singapore, Switzerland, the United Kingdom, and the United States. With this announcement, OneTrust will expand its EU-hosting options to offer a fully containerised solution in response to the Schrems II decision.
As the first company in the world to achieve ISO 27701 certification – the privacy extension of the ISO 27001 – OneTrust has a demonstrated track record of building technology based on high privacy and security standards. In collaboration with our Customer Advisory Board (CAB), OneTrust is committed to maintaining a high level of controls to support our customers and honour the Schrems II decision.
OneTrust customers can monitor and provide input on the updates in the online myOneTrust portal.
OneTrust DataGuidance Schrems II Resources for Privacy Professionals
OneTrust DataGuidance also today announced free resources and tools dedicated to help privacy professionals understand the impact of the Schrems II decision. These resources are continually updated to include analysis, articles, webinars, and reports to help privacy professionals understand their impact and plan for operations with the EU-US Privacy Shield invalidated.
- Expert webinars, including post-decision reaction and details on what the Schrems II decision means to your privacy program
- In-depth articles and analysis about the Schrems II decision
- The Data Transfer Comparison Tool updated with Schrems II guidance to help professionals review and compare regulations across multiple jurisdictions at a glance
Get started with a free DataGuidance trial today
OneTrust Technology for Cross-Border Data Transfers
OneTrust’s suite of privacy, security and data governance solutions are optimised to support companies as they address the impact to their business based on the Schrems II decision by helping them determine what data exists and how it moves within the organisation and out to vendors.
- OneTrust DataDiscovery is an AI-powered solution to discover and classify personal data and the IT systems that contain it, helping organisations to understand where their personal data resides.
- OneTrust Data Mapping helps companies better understand where and how data is transferred, giving a clearer view of which processes are impacted by the EU-US Privacy Shield invalidation along with the ability to document alternative transfer mechanisms.
- OneTrust Vendorpedia enables organisations to manage their vendor relationships, including contracts, DPAs, and data transfer agreements to ensure vendors are managing global data flows appropriately.
Learn more about how OneTrust can help with Schrems II impact
For more information on the Schrems II decision, visit our free resources and register for our webinar, What Schrems II Means for Your Privacy Program on 23 July. For information or to request a demo, visit OneTrust.com.
OneTrust is the #1 most widely used technology platform to help organisations be more trusted, and operationalise privacy, security, data governance, and compliance programs. More than 6,000 customers, including half of the Fortune 500, use OneTrust to build integrated programs that comply with the CCPA, GDPR, LGPD, PDPA, ISO27001, and hundreds of the world’s privacy, security, and compliance frameworks.
The OneTrust platform is powered by the OneTrust Athena™ AI and robotic automation engine, and our offerings include:
- OneTrust Privacy – Privacy Management Software
- OneTrust PreferenceChoice™ – Consent and Preference Management Software
- OneTrust Vendorpedia™ – Third-Party Risk Management Software and Cyber Risk Exchange
- OneTrust GRC – Integrated Risk Management Software
- OneTrust DataDiscovery™ – AI-Powered Discovery and Classification
- OneTrust DataGovernance – Governance and Metadata Management
- OneTrust Ethics – Compliance and Ethics Software
- OneTrust DataGuidance™ – Regulatory Research Software