WellMed Earns Safe Harbor Privacy Seal
"We applaud WellMed's commitment to protecting the privacy of its customers and hope it serves as a signal to other global companies that the time to become compliant with the EU Safe Harbor Framework is now," said Bob Lewin, president/CEO of TRUSTe, San Jose, CA.
After more than two years of negotiations, the "safe harbor" data privacy protection agreement between the United States and Europe took effect in November. TRUSTe launched its seal program to coincide with this agreement.
According to the EU's data privacy directive, personal information may not be transferred to countries without adequate privacy protection. Since the United States does not have a privacy law, the EU saw the need to implement rules that must be followed by U.S. businesses to protect European data from misuse. As a result, seven principles were drafted to ensure the safety of personal information.
The principles -- as negotiated by the European Commission and the U.S. Department of Commerce -- are notice of what information is collected and how it is used; choice to opt out of third-party data sharing; onward transfer of data only to third parties that give notice and choice; security precautions to safeguard data; data integrity processes for the collection of relevant data only; access to information and the ability to correct or delete it; and enforcement of privacy protection and consequences for lapses.
Organizations wishing to join safe harbor must submit a certification form to the International Trade Administration of the U.S. Department of Commerce. The form is available at www.export.gov/safeharbor and may be submitted online. Before being accepted into the program, companies must show proof that they are complying with the principles.
Once a company is accepted into the safe harbor program, it becomes eligible to apply for TRUSTe's EU Safe Harbor Privacy Seal.