EU-U.S. Privacy Shield Certification

EU-U.S. Privacy Shield Certification

VeraSafe Provides the Industry’s Most Complete Program for Your Privacy Shield Certification.

Enable your organization to lawfully transfer personal data from Europe into the U.S. with certification to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.

But first, your organization will need to comply with the complex requirements of the Framework.

VeraSafe’s Privacy Shield compliance program is the most efficient way for your organization to achieve Privacy Shield certification. Our all-in-one solution provides all of the necessary pieces of the compliance puzzle.

Take the first step today by contacting VeraSafe for a free consultation.

QUESTION:

How Does VeraSafe Make Privacy Shield Certification Easy for Your Company?

ANSWER:

Thorough Privacy Shield Compliance Assessment

VeraSafe’s privacy attorneys and consultants quickly spot your compliance gaps and propose practical solutions, significantly reducing the time it takes you to prepare for certification.

Includes VeraSafe “Privacy Verified” Website Seal

Show off your commitment to privacy and data protection with the VeraSafe “Privacy Verified” website trust seal.

VeraSafe Reviews Your Privacy Policy or Creates One for You

If you have an existing privacy policy, VeraSafe will review it and make any and all changes necessary to meet the Privacy Shield’s certification requirements. If you don’t yet have a privacy policy, VeraSafe creates a fully compliant privacy policy for you.

Mature Project Management and Delivery Framework

Privacy Shield implementation projects are led by VeraSafe’s in-house US and European privacy attorneys, who are supported by our project managers and IT security professionals. Your assigned project team will apply our finely tuned Privacy Shield project plan, tailored to your circumstances and needs. VeraSafe’s years of experience in delivering Privacy Shield (and previously “Safe Harbor Framework”) compliance engagements, paired with our mature project management methodology, ensures efficient delivery with outstanding compliance assurance.

In-depth Manual Penetration Testing (Optional)

VeraSafe conducts an in-depth IT vulnerability penetration test of your in-scope IT systems, and assists you with remediating the identified vulnerabilities.

Dispute Resolution

Your organization will be enrolled in VeraSafe’s Privacy Shield Dispute Resolution program, which satisfies the requirements of the Privacy Shield’s Recourse, Enforcement and Liability Principle.

Privacy and Security Training (Optional)

The Privacy Shield requires you to implement a privacy and security training program for your staff. Our program includes a fully compliant, web-based training solution to satisfy this requirement.

Certification Application Guidance

Your VeraSafe partner will walk you through the certification processes on the Department of Commerce’s Privacy Shield website (via screen sharing).

Third Party Verification with Findings Report

At the end of the assessment, VeraSafe provides you with a detailed compliance verification report that documents exactly how you’re satisfying each and every criteria of the Framework. You can use the report to show third parties that you’re keeping personal data safe.

VeraSafe Helps You Re-certify When the Time Comes

When you need help re-certifying your compliance with the EU-U.S. Privacy Shield and/or Swiss-U.S. Privacy Shield, VeraSafe helps you through the entire process.

Benefits of VeraSafe’s Winning Approach

  • High Assurance

    Your organization’s stakeholders can rest easy knowing that you sought advice from deeply experienced professionals, and completed a rigorous compliance assessment.

  • Focus on Your Core Business

    Skip the time consuming legal and technical research. We’ll answer your most complex Privacy Shield questions with confidence.

  • Deep Experience

    VeraSafe thinks strategically on your behalf. Your project will be delivered by a team of Certified Information Privacy Professionals (CIPP), attorneys, and veterans of “big four” audit and assurance firms.

Key contacts

Matthew Joseph

Matthew Joseph

CIPP/E, CIPP/US

Managing Director

Jim Cormier

Jim Cormier

CIPP/E

SVP of Professional Services and Legal

Fill out the form above, call us, or start a live chat now. Our experts will be happy to provide the answers you need.

EU-U.S. and Swiss-U.S. Privacy Shield Background

Under the strict privacy laws of the European Economic Area and Switzerland, personal data may only be made available to U.S. companies under specific, limited circumstances, including where the U.S. organization is certified under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. U.S. companies can elect to participate in the Frameworks (i.e., self-certify to the U.S. Department of Commerce) as long as they adhere to the rigorous requirements of the Frameworks.

In July 2016, the European Union announced its approval of the EU-U.S. Privacy Shield Framework as a valid legal mechanism to comply with EU requirements when transferring personal data from the European Economic Area to the United States (replacing the former U.S.-EU Safe Harbor Framework). In January 2017, the Swiss government announced its approval of the Swiss-U.S. Privacy Shield Framework as a valid legal mechanism to comply with Swiss requirements when transferring personal data from Switzerland to the United States (replacing the former U.S.-Swiss Safe Harbor Framework). The revised Frameworks reflect the trend towards stronger privacy regulation in Europe. Therefore, it’s more important than ever for U.S. companies to seek expert advice before certifying under the Privacy Shield Frameworks, as the new Frameworks are under increased scrutiny by European and U.S. regulators.

For more information on the requirements for EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield compliance, visit the U.S. Department of Commerce’s Privacy Shield website (https://www.privacyshield.gov/). For help complying with the Frameworks’ complex requirements, contact VeraSafe today.

Why VeraSafe?

Track record of successful privacy engagements across industries.

Work directly with our in-house team of US and European privacy attorneys, IT experts, and project managers.

Strategic, risked-based approach to compliance.

Fully customizable project plan and methodology, tailored to fit your use case.

Reasonable, flexible fee structure and fully customizable engagement scope.

Holistic approach: Our broad expertise ranges from privacy law to cybersecurity operations.