Description

Closed consultation on Draft Guide on Transfer Impact Assessments

On 12 February 2024, the public consultation on the Commission nationale de l'informatique et des libertés (CNIL) draft guide on transfer impact assessments (TIA), closed. The Guide, serving as a methodology and checklist, outlines the necessary elements for conducting a TIA. The TIA is required by data exporters from the European Economic Area (EEA) transferring data to a third country under Article 46 of the GDPR. It aligns with the six steps recommended by the European Data Protection Board (EDPB) and references relevant documentation. The Guide explains the purpose and scope of the TIA and sets out six steps to follow in carrying out a TIA: knowing the transfer, documenting the transfer tool, evaluating legislation and effectiveness of protection in the target country, identifying and adopting supplementary measures, implementing supplementary measures, and regular re-evaluations.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cross-border data transfer regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2024-01-08
processing consultation

On 8 January 2024, the Commission nationale de l'informatique et des libertés (CNIL) opened a consu…

2024-02-12
in consultation

On 12 February 2024, the public consultation on the Commission nationale de l'informatique et des l…