In conjunction with the Ministry of Justice, the Belgian Privacy Commission has signed a protocol that will improve the efficiency of authorising binding corporate rules (BCRs) under the country's law, Hunton & Williams' Privacy and Information Security Law Blog reports. Prior to the protocol, no BCR had been approved because the Belgian Data Protection Act required a Royal Decree to authorise the BCR data transfers, which was "extremely impractical and burdensome," according to the report. The protocol provides minimum requirements for BCR approval, new approval procedures, an explanatory note and a pre-approved Royal Decree template. The report also includes a summarised version of the new procedure.
If you want to comment on this post, you need to login.