TRUSTe Inc., a leading global data privacy manager, announced recently that Merck & Co. Inc. (Merck) became the first health-care company and the second multinational company (after IBM) whose privacy program become certified under the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR) system. Merck obtained this certification for its privacy program by developing voluntary and enforceable codes of conduct. Its privacy program is designed around the following key elements: transparency, respecting choices, understanding perspectives, security and treating Merck stakeholders with respect and in a manner consistent with the company’s values. Overall, the APEC CBPR System is considered to be a self-regulatory initiative designed to protect the privacy of consumer data flowing between the United States and other APEC Member Economies, through voluntary and enforceable codes of conduct on cross-border privacy procedures adopted by participating businesses, and an important way to demonstrate to consumers and stakeholders that the companies are committed to privacy in every region of the world. The 21 APEC member economies are: Australia, Brunei Darussalam, Canada, Chile, China, Hong Kong, Indonesia, Japan, Malaysia, Mexico, New Zealand, Papua New Guinea, Peru, the Philippines, Russia, Singapore, South Korea, Taiwan, Thailand, the U.S. and Vietnam.
TIP: If your company exists in one of the 21 APEC member economies and wishes to obtain the certification across your operations, taking advantage of the certification process may make sense for you. Talk to your regular counsel or review the APEC Cross-Border Privacy Rules System for more information.