In a development eagerly anticipated by businesses on both sides of the Atlantic, the European Commission has published the legal instruments needed to put in place the “EU-U.S. Privacy Shield” for transfers of personal data from Europe to the United States. The issued documents include a draft adequacy decision by the Commission finding that the […]
Data Security
HHS Issues HIPAA Security Rule Crosswalk with NIST Cybersecurity Framework
Last week, the HHS Office for Civil Rights (OCR) released a crosswalk between the requirements of the HIPAA Security Rule and the NIST Cybersecurity Framework. The crosswalk – which was developed in conjunction with the National Institute of Standards and Technology (NIST) and the HHS Office of the National Coordinator for Health IT – maps each […]
Managing the E.U. Data Transfer Landscape
On January 28, Alston & Bird presented “Practical and Strategic Considerations in Today’s EU Data Transfer Landscape.” The panel addressed new laws and breaking events in European Union data privacy. The panel reviewed the status of talks around a revised “Safe Harbor 2.0” following the invalidation of Safe Harbor last October. The panel offered strategic […]
Revised Safe Harbor Agreed: Introducing the New “EU-U.S. Privacy Shield”
European Commission and U.S. officials today announced reaching a “political agreement” on a new Safe Harbor framework. The new framework will be called the “EU-U.S. Privacy Shield.” In a press conference and a press release today, European officials highlighted the following points about the new framework: Limitations on surveillance: Commission officials report that the U.S. […]
Statement from Peter Swire on Safe Harbor Agreement
Peter Swire issued the following statement today following news of a revised Safe Harbor framework. Today the European Union and United States announced a new framework for transatlantic data flows, called the EU-US Privacy Shield. This will update the EU-US Safe Harbor agreement, for which I was part of the negotiating team in 2000. At […]