Monday 27 June 2022
Select a region
Business

ODPA publishes new guidance on data transfers

ODPA publishes new guidance on data transfers

Wednesday 22 June 2022

ODPA publishes new guidance on data transfers

Wednesday 22 June 2022


The Office of the Data Protection Authority (ODPA) has offered three new updates to help protect people’s data when it is transferred outside of the Bailiwick of Guernsey.

The updated guidance and resources published by the ODPA have been produced to help local organisations and businesses navigate the very complex legal landscape around data transfers.

A data transfer occurs when people’s data is sent outside of the Bailiwick, for example, by using online products or services such as US-based Mailchimp to send subscribers a newsletter, or communicating with your customers via your organisation’s Facebook page, or employing a company in another jurisdiction to provide customer services. 

The first update, ‘Guidance on International Data Transfers’ is a step-by-step guide to the things which need considering before transferring people’s data outside the Bailiwick. The second update is ‘Guidance and a self-assessment tool for Transfer Impact Assessments’ which contains a series of questions to help make risk self-assessments posed by a transfer of someone’s data outside of the Bailiwick.

Finally, the third update is ‘The Bailiwick of Guernsey Addendum for the EU Commission’s Standard Contractual Clauses (SCCs)’ which is a legal document on which restricted amendments can be made to protect data by using it in conjunction with the EU Commission’s Standard Contractual Clauses. 

Emma_Martins_ODPA_from_2021_to_use.jpg

Pictured: Data Protection Commissioner Emma Martins.

The ODPA says that the Bailiwick has high standards of data protection thanks to the local data protection law which is considered essentially equivalent to the European Union’s data protection legislation. However, many jurisdictions around the world do not offer the same legal protections. 

This mismatch of legal protections means that anyone working with people’s data in the Bailiwick must take special care whenever they transfer that data to areas of the world where there is less protection, according to the ODPA.

The Bailiwick’s Data Protection Commissioner, Emma Martins, said the legal landscape around data is constantly evolving and complex.

“The first step is always to understand what data you have and where that data is located. It is essential for all organisations to understand the risks as well as the opportunities around data transfers,” she said.

“We must all be proactive in ensuring people’s data continues to be looked after if it leaves the Bailiwick. The people whose data it is retain their legal rights over it, and your organisation remains responsible for ensuring it is protected.” 

Sign up to newsletter

 

Comments

Once your comment has been submitted, it won’t appear immediately. There is no need to submit it more than once. Comments are published at the discretion of Bailiwick Publishing, and will include your username.

There are no comments for this article.

To place a comment please login

You have landed on the Bailiwick Express website, however it appears you are based in . Would you like to stay on the site, or visit the site?