The loss of the less popular Privacy Shield will impact investigations and cross-border litigation far less than the uncertainty that now accompanies the use of SCCs, especially when organisations have time constraints imposed by the proceedings.
There remain only limited tools available for groups to manage their data following the Schrems II ruling. Organisations now need to conduct and document a risk assessment to decide whether SCCs provide adequate protection in light of the local legal framework of the recipient’s country and, where they do not, to deploy additional measures.
Kate Brimsted, Geraldine Scali and Jack Dunn wrote about this in our Emerging Themes in Financial Regulation 2021 publication.
Read other articles on Emerging Themes in Financial Regulation 2021 – Risk
Click here to view the original post