Start / Redefining CyberSecurity / The alphabet soup of privacy and data protection across borders employing justification documentation and transparency in global privacy a conversation with elena elkina redefining cybersecurit

The Alphabet Soup of Privacy and Data Protection Across Borders: Employing Justification, Documentation, and Transparency in Global Privacy | A Conversation with Elena Elkina | Redefining CyberSecurity with Sean Martin

50 min • 8 april 2024

Guest: Elena Elkina, Partner / Privacy & Data Protection Management Executive, Aleada Consulting [@AleadaPrivacy]

On LinkedIn | https://www.linkedin.com/in/elenaelkina/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

View This Show's Sponsors

___________________________

Episode Notes

In this episode of the Redefining CyberSecurity Podcast, hosted by Sean Martin, the spotlight is on the complex world of data privacy, specifically focusing on the French data protection authority, CNIL, and its broader implications on global privacy and data protection practices. Joining the conversation is Elena Elkina, a seasoned privacy and data protection executive. With nearly two decades of experience in the field, Elkina shares her expertise on the evolving landscape of privacy laws and the challenges businesses face in operationalizing these regulations.

The discussion opens up with an exploration of various privacy frameworks, including GDPR, CNIL, TIA, EDPB, and ICO, unraveling the interconnected yet distinct nature of these acronyms in the realm of data protection. Elena Elkina delves into the intricacies of the CNIL and its recent draft guidance on Transfer Impact Assessments (TIA), emphasizing its practical approach and the operational guidance it offers to companies dealing with data protection across different jurisdictions.

A significant part of the conversation is dedicated to understanding the legal and operational challenges associated with TIA, including the legal analysis required for transfers to third countries, the importance of documenting and periodic reevaluation, and the role of both data importers and exporters in ensuring compliance. Elkina highlights the collaboration required between these parties and the importance of comprehensive documentation to demonstrate compliance efforts.

Additionally, the dialogue touches upon broader themes, such as the differences between privacy approaches in the United States and the European Union, the impact of new privacy laws and regulatory guidance, and the importance of organizational data hygiene.

Throughout the episode, both Martin and Elkina underscore the importance of justification, documentation, and transparency in navigating the complex landscape of international data transfers. The conversation serves as a crucial guide for businesses looking to align their data protection practices with regulatory requirements and industry best practices, providing valuable insights into the ongoing evolution of privacy and data protection obligations.