6. Access: Data subjects should be allowed to access their data and make corrections to any inaccurate data.
7. Accountability: Data subjects should have an available method to hold data collectors accountable for following these six principles above.
Source: Europa, European Union Agency for Fundamental Rights
Safe Harbor Act
What it covers: The Safe Harbor Act, which went into effect in October 1998, prohibits the transfer of personal data to non-European Union nations that do not meet the European "adequacy" standard for privacy protection established by the European Union Data Protection Directive (see above). The Act was intended to bridge the different privacy approaches of the U.S. and Europe, thus enabling U.S. companies to safely engage in trans-Atlantic transactions without facing interruptions or even prosecution by European authorities.
Who is affected: U.S. companies doing business in Europe.
* Companies participating in the safe harbor will be deemed adequate, and data flows to those companies will continue.
* Member state requirements for prior approval of data transfers either will be waived or approval will be automatically granted.
* Claims brought by European citizens against U.S. companies will be heard in the U.S., subject to limited exceptions.
Source: Europa, Business Records Management
More security directories and lists on CSOonline.com:
Industry-wide events in digital and physical security, fraud prevention, business continuity planning and much more. (Post relevant events for free.)
Coming soon: The security data source directory
A handy compilation of links to research-based sources of security data.