Safe Harbor Program Certification
The ControlCase Safe Harbor program is designed to assist companies intending to self-certify their compliance with the US - EU Safe Harbor Framework as set forth by the U.S. Department of Commerce. The ControlCase Safe Harbor program provides guidance prior to and during the self-certification application process, along with support afterwards.
The Safe Harbor certification program is a process developed by the U.S. Department of Commerce in consultation with the European Commission aimed at assisting U.S. companies to comply with the EU Directive 95/46/EC on the protection of personal data.
Intended for U.S. organizations that process personal data collected in the EU, the Safe Harbor Principles are designed to assist eligible organizations to comply with the EU Data Protection Directive and maintain the privacy and integrity of that data.
U.S. companies can opt into the program (I.e. self-certify to the U.S. Department of Commerce) as long as they adhere to the 7 principles as outlined below
- Notice - Individuals must be informed that their data is being collected and about how it will be used.
- Choice - Individuals must have the ability to opt out of the collection and forward transfer of the data to third parties.
- Onward Transfer - Transfers of data to third parties may only occur to other organizations that follow adequate data protection principles.
- Security - Reasonable efforts must be made to prevent loss of collected information.
- Data Integrity - Data must be relevant and reliable for the purpose it was collected for.
- Access - Individuals must be able to access information held about them, and correct or delete it if it is inaccurate.
- Enforcement - There must be effective means of enforcing these rules.
For more information on Safe Harbor visit the U.S. Department of Commerce Safe Harbor website at http://www.export.gov/safeharbor/