Now that the European Commission has adopted the Privacy Shield (which replaces “Safe Harbour”), there are steps which US companies will need to take to ensure that they comply with data protection law when transferring data from the EU and EU companies need to take if transferring data to the US.
Since the old system, the ‘Safe Harbour’ regime, was found to be invalid by the Court of Justice of the European Union, the Privacy Shield has been approved to replace it. It requires companies based in the US to self-certify their compliance to the framework. The US Department of Commerce is now accepting certification requests.
EU companies need to ensure that any company in the US to whom they send data is appropriately signed up.