Cross Border Transfer Mechanisms: Certifications
Certifications are yet another way that businesses doing business in the EU can achieve cross border transfers of personal data out of the EU. Businesses can also demonstrate compliance with GDPR by instituting a certification mechanism. Member states, supervisory authorities, the EDPB or the Commission are required to encourage the establishment of certification mechanisms to enhance transparency and compliance with the Regulation. Certification can be issued by Data Protection Authorities (DPAs.) or accredited certification bodies. In conjunction with the harmonization goal GDPR, Art. 42 encourages an EU-wide outlook for certification schemes. As of yet, there are no credential certification bodies, which presents a huge economic opportunity to the organization who applies and is approved as a certification body. Certifications does not reduce a data controller's or processor's protection responsibilities. Controllers/Processors ar...