Support Centre
Back

International

This Week in Privacy: 5 April 2021

April 05, 2021

International: European Commission and PIPC conclude adequacy finding for South Korea

The European Commission and the Personal Information Protection Commission of South Korea announced the successful conclusion of adequacy decision talks.

The European Commission noted that the recent amendments to South Korea's data protection law and the strengthening of the PIPC has enabled a high degree of convergence between the EU and South Korea in the area of data protection. Furthermore, the European Commission confirmed that it will now proceed with the decision-making procedure.

This includes an opinion by the European Data Protection Board, and approval by a committee composed of representatives of the EU Member States.

Panama: Data protection law enters into effect

In Panama, Law No. 81 on Personal Data Protection entered into effect on 29 March following its enactment in 2019.

In particular, the Law which will be further regulated by an Executive Decree which is yet to be published governs rights, obligations, and procedures in relation to the protection of personal data in Panama. Furthermore, the law provides for consent procedures for the processing of personal data; obligations for the cross-border processing of personal data oringinating in Panama; and a Personal Data Protection Council with advising power and functions.

  • Read more here
  • Read the Law, only available in Spanish, here

UK: PRA publishes policy statement on outsourcing and third-party risk management

The Prudential Regulatory Authority in the UK published a policy statement and a supervisory statement on outsourcing and third-party risk management.

The supervisory statement is relevant to all:

  • UK banks, building societies, and PRA-designated investment firms;
  • insurance and reinsurance firms and groups in scope of Solvency II; and
  • UK branches of overseas banks and insurers

The statement aims to complement the requirements and expectations on operational resilience in the PRA Rulebook; facilitate greater resilience and adoption of the cloud and other new technologies as set out in the Bank of England's response to the Future of Finance report; and implement the European Banking Authority Guidelines on outsourcing arrangements.

The PRA highlighted that firms will be expected to comply with the statement by 31 March 2022.

Series:
This Week in Privacy


Topics:
Legal Reform
Financial Services
Mechanisms - Adequate Protection
Vendor Management

Company

Our Policies

Your Rights

© 2020 OneTrust Technology Limited. All Rights Reserved.
The materials herein are for informational purposes only and do not constitute legal advice.