Skip to main content

Posts

Interested in Joining the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks?

As a U.S. business who targets EU or Swiss nationals with your products or services, you might consider joining the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks (an overview PDF contains key information about the Privacy Shield scheme). Both Frameworks require a self certification. The U.S. government provides a “How to” join the Privacy Shield consisting of two parts: part one deals with eligibility together with constructing a compliant privacy policy (with additional links describe the necessary contents of your company’s privacy policy); and part two covers identification of an Independent Resource Mechanism, required fee payments, placement of an active verification mechanism, designating a contact individual or officer for your business, reviewing your application (paying attention to the items required to self-certify), and submission of your application (check out the PDF guide to online submission). The site also has FAQs about the Privacy Shield Frameworks as well …
Recent posts

The NIS Directive EU Cybersecurity

The Directive on security of network and information systems (the NIS Directive) requires transposition into European Union Member's domestic law by May 9, 2018 (definition of an EU Directive). The NIS Directive, adopted in July 2016, entered into force in August 2016. The UK's National Cyber Security Center (NCSC) published an Introduction to the NIS Directive, which provides an overview on on the application of the NIS Directive; a second web site sets out top level objectives of the NIS Directive. Objectives guidance on managing security risks, protecting against cyber attack, detecting cyber security events, minimising cyber security event impacts, examples of supply chain cyber attacks, assessment of supply chain practices, and the 12 principles of supply chain security are posted on the NCSC website. The NSCS also published an Introduction to identity and access management. The Cyber Assessment Framework (CAF) will be published by the end of April 2018. A table sett…

Dealing With The General Data Protection Regulation (GDPR)

The Information Commissioner's Office (ICO) maintains a web guide to prepare for compliance with the General Data Protection Regulation (GDPR) coming into effect throughout the UK in 2018.  The guide provides links to relevant GDPR provisions as well as discussion/analysis on applicable GDPR definitions, principles, processing structures, security, accountability, data breaches, exemptions, applications, and international transfers.  The guide also links to applicable EU Article 29 Working Party guidance.  The guide is updated by the ICO on at least a monthly basis.  Part of the guide links to a 12 step preparation outline for SMEs and companies generally to begin conforming processes and procedures to GDPR requirements. Further discussion of GDPR occurs sporadically on the ICO's blog.  The ICO complied two partially interactive self assessment check lists (one for data controllers and the other for data processors) that contain useful information accessed through the "Mo…

Starting & Growing Business in New York State

The New York Empire State Development’s Small Business Division has put together a unified website collecting various New York State programs/services offered to New York small business to start-up or expand their small businesses. The site contains a 52-page guide to owning and operating a small business in New York State as well as a directory of New York State small business programs. There is also a link to discover more information about becoming a New York State government contractor and qualifying to bid on New York State government procurement contracts. Finally, the site links to various financing and lending programs offered by New York State government entities--and contains a searchable directory of alternative lenders in New York State catering to small businesses. www.erskine-law.com

Technological Innovation Government Programs

For small businesses looking to conduct research and development, while needing funds to realize their small business technology, check out The Small Business Innovation Research (SBIR) program. The SBIR "is a highly competitive program that encourages domestic small businesses to engage in Federal Research/Research and Development (R/R&D) that has the potential for commercialization." Progressing in three phases (I to III) with funding of up to US$150,000 in phase I (6 months) and up to US$1,000,000 (2 years) in phase II, the "SBIR funds the critical startup and development stages and it encourages the commercialization of the technology, product, or service, which, in turn, stimulates the U.S. economy." The program started in 1982 (President Regan) and encompasses several US federal agencies.

Another US federal government program focusing on small business technology companies is The Small Business Technology Transfer (STTR) . The STTR "expands fund…

Barriers to Digital Trade

In January 2017 the Congressional Research Service drafted a report entitled Digital Trade and U.S. Trade Policy. The Report (43 pages long) complies information from across various sectors to describe barriers faced by US companies in exploiting and pursuing digital trade opportunities abroad. The report follows on a US Trade Representative Fact Sheet on Key Barriers to Digital Trade released last year, among several US governmental initiatives to identity and, possibly, remediate trade barriers to digital commerce. The International Trade Administration housed in the US Department of Commerce describes, via their export.gov site, foreign trade barriers as "any barrier that impedes a company's ability to trade in a foreign country." The site gives examples of "common trade barriers" to include "Tariff and Customs[;] Service Barriers [;] Standards [;] Testing [;] Labeling [;] Certification [;] Rules of Origin [;] Government Procurement Contracting [;] Inte…

Cybersecurity Tools

If your business operates online, then your business/company should seriously address cybersecurity issues. The Small Business Administration (SBA) dedicates a page describing and linking to "Top Tools and Resources for Small Business Owners". The page features links to fact sheets, webinars, online courses, and other federal agency resources. One such resource derives from the Federal Communication Commission (FCC) that provides and generates, through an interactive web site, a Small Biz Cyber Planner that a company may use to "create and save a custom cyber security plan for your company, choosing from a menu of expert advice to address your specific business needs and concerns." There is also a link to the Department of Homeland Security's Cyber Resilience Review (CRR), "...a no-cost, voluntary, non-technical assessment to evaluate an organization’s operational resilience and cybersecurity practices." The CRR page contains a number of downloadabl…