GLOBAL PRIVACY AND DATA SECURITY LAW...........................................144 EU 1995 Data Directive/General Data Protection Regulation...145 Transfer of Personal Data Outside of the European Union......150 Prior EU-U.S. Safe Harbor ............................................152 Model Contracts - Standard Contractual Clauses (SCCs) ..........................................................................155 Key Differences between the Old SCCs and New SCCs.....................................................................156 Binding Corporate Rules..............................................156 CANADA..........................................................................................162 Personal Information Protection and Electronic Documents Act (PIPEDA) ...................................................162 Canada Anti-Spam Law [SC 2010,C23] ...............................164 OTHER COUNTRIES...........................................................................165 BEST PRACTICES ....................................................................................167 Key Questions Every Business Should Ask Related to Data Privacy and Security....................................................167 Establish a Compliance Program ........................................170 Customized Program ..................................................170 Security Incident and Data Breach Plan ..............................171 Mitigating Risk By Contract .........................................174 Insurance ............................................................................176 Physical Safeguards/Office Design ......................................177 Storage and Maintenance of Electronic Data ..............177 Document Retention - Storage and Maintenance
of Hard Copies..........................................................178 Technical Safeguards ..................................................178 Encryption, Encryption, Encryption ............................179 Limit Access ................................................................180 Limit Data Collected ....................................................180 Remote Access ............................................................180
iv
Made with FlippingBook - Online Brochure Maker