The Schrems II ruling has created serious implications for data privacy around the globe, forcing organisations to understand its ramifications for their data security strategies. With many opinions surfacing as to what is right and what is wrong, the recent recommendations from the European Data Protection Board provides guidance on measures organisations can take to be compliant with GDPR when sending EU citizen data outside the region. Drawing on real-life examples, and his own experiences, Todd Moore, Vice President of Data Protection Products at Thales, looks at how organisations can decipher the data security implications of Schrems II and create a data protection framework that:
· Drives action and removes the ambiguity through an organisation’s choice for data protection strategies
· Enables the creation of a best practice continuum to be carried across all areas of the data protection lifecycle from discovery, through the many nuances of encryption and key management to controlling access.
· Ensures that discover, protect, control is now at the core of every Board level business continuity plan