Guest
Cross border personal data transfer procedure
I am having a hard time understanding the requirements for the cross border personal data transfer procedure. If personal data is stored electronically, yet is only accessible within your organization, does that mean it falls under this policy? As an example, we have an HR system with information on UK employees. HR staff in the US can access this. However, the data is not being sent to a third party; it is all retained within our organization. Is this considered a cross border transfer, or not?
Assign topic to the user
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Expert
Andrei Hanganu
Mar 17, 2018
Answer:
First of all I would like to mention that cross border transfer refers to the situation where personal data is stored or accessed from outside the EEA. So in your case if the data is stored in UK but it can be accessed from the US than it is definitely a cross border data transfer.
Comment as guest or Sign in
Mar 17, 2018
Mar 17, 2018
Mar 17, 2018