An official statement has been issued by the Information Commissioner's Office (the ICO) which essentially summaries everything that has happened so far with Safe Harbour, and gives the 'official' advice on what action businesses should take next.
What does this mean for my business?
The advice given by the ICO is fairly similar to the advice previously given by other sources, but places an emphasis on 'taking stock' of the personal data that your business is transferring outside of the EU. The ICO says businesses should check where the data is going to, and what action has been taken to protect it.
If Safe Harbour forms part of this protection, it has also been suggested that businesses should consider what alternative methods could be put in place, if Safe Harbour 2.0 falls by the wayside. However, businesses should feel no urgency to make any changes yet.
What are big businesses doing?
Microsoft have announced that it plans to open two new data centres in the UK in 2016. Amazon have also made the decision to open a regional base in the UK since the Safe Harbour announcement.
Some big businesses have opted for a less costly approach, and have just added the EU model clauses to protect their customer's data, (discussed in our last Safe Harbour update here: http://bit.ly/1ShUt1m). SalesForce, for example, have added a data processing addendum to their customers contracts.
What happens next?
We are still waiting to see whether a new Safe Harbour will be put in place, whether it will be abandoned entirely, or whether something else will be established. The deadline by which a new data transfer agreement must be established still stands at 31st January 2016.
If you need assistance or have any questions please don't hesitate to contact Adam Kuznesof on 0191 482 0444. Transcendit will keep you updated on any further developments.