Production of services abroad often requires that personal data is exported. Offshoring continues to become an increasingly important part of delivery models. In some segments it is very difficult to be competitive without the use of resources in low-cost countries. In addition customers have businesses in a variety of countries, and this increases the complexity.
The seminar will review the various bases to transfer of personal data to third countries (countries outside the EU / EEA) in connection with outsourcing. Among the topics to be reviewed is the list of pre-approved countries, Model Clauses, Binding Corporate Rules (also Processors), Safe Harbour, and how these structures relate to privacy directive Article 25/26 and Privacy Act § 29/30 with regulations.
There will be a practical review, with real examples of outsourcing transactions. It also reviews what is regarded to be transfer of personal data, which also is essential for the regulations to apply.
In addition to the substantive rules some procedural matters are also reviewed, in particular the question of which of the transfer bases in which situations require notification to or license from Datatilsynet.
Finally, we review how to plan work related to privacy in transactions involving numerous jurisdictions and thus many privacy authorities.
Lecturer Jarle Roar Saebo lectures this spring at the Faculty of Law at the University of Oslo on the same topic.
For more information and registration see Dataforeningen
Infocom Group was the initiator of commencement of the community for outsourcing and offshoring in 2009. The purpose of the community is to increase knowledge and share experience around outsourcing as an alternative to ensure good and cost-effective IT services. Read more about the professional team and enrollment here.