Our company is in a similar position to yours. The generally held view in
the US (not necessarily our company!) is that Safe Harbor (sic) is too
expensive and cumbersome to implement. However if the US company *does* sign
up to the principles, it's my understanding that you can treat them as if
they were in the EEA for data protection issues. There are very few
companies who have signed up, however.
If the transfer of employee information to the US is necessary, then the 8th
principle doesn't apply anyway: you're covered by the standard exceptions in
Schedule 4 - 2(a) transfer necessary for the performance of a contract [of
employment] between the data subject and the data controller. Probably also
1, data subject given consent. In any case it would be good to cover
yourself by getting consent, but I don't believe it's strictly necessary. I
would deem it reasonable for any UK employee of a company with a US parent
to expect their data to be transferred to the US, so you could at a pinch
take implied consent.
Any other thoughts? Hope you're all enjoying the snow...
Tim
--
Tim M. Wright
Director - Technology Audit
Charles Schwab Europe
Tel: +44 190 852 7793
Mobile: +44 7932 669 074
Fax: +44 190 852 7593
-----Original Message-----
From: Fiona Wilson [mailto:[log in to unmask]]
Sent: 18 April 2001 12:01
To: [log in to unmask]
Subject: 8TH PRINCIPLE/SAFE HARBOUR AGREEMENT
Apologies if this has recently been discussed - we are a UK
subsiduary of an
American company with approximately 550 employees in the UK.
We do transfer
the personal data of our employees to the States. We are
hoping to adopt
the Safe Harbour Principles and in the States the Chief
Privacy Officer is
speaking to companies who have already self-certified. I
was wondering if
there is anyone from UK/Europe who is able to share their
experiences of
compliance with the Safe Harbour agreement with us.
regards
Fiona Wilson
Data Protection Services Manager
McKessonHBOC
Tel no: 020 7819 5000
Fax no: 020 7819 5100
e-mail: [log in to unmask]
<mailto:[log in to unmask]>
----------------------------------------------------------------------------
The information contained in this e-mail is confidential and
is intended
only for the named recipient(s). If you are not the intended
recipient you
must not copy, distribute, or take any action or reliance on
it.
If you have received this e-mail in error, please notify the
sender.
Any unauthorised disclosure of the information contained in
this e-mail
is strictly prohibited.
----------------------------------------------------------------------------
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list
please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
_______________________________________
WARNING: All e-mail sent to or from this address will be received by
the Charles Schwab Corporate E-mail system and is subject to archival and
review by someone other than the addressee.
Charles Schwab Europe.
Cannon House, 24 Priory Queensway, Birmingham B4 6BS, United Kingdom.
Charles Schwab Europe is a member firm of the London Stock Exchange and LIFFE and
regulated by The Securities and Futures Authority
Registered Office: As Above. Registered in England No. 2092410 VAT Registration No. GB 486 894471
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|