Our view on 'Safe Harbor'

One week on from the European Court of Justice ruling that the transatlantic Safe Harbor agreement is invalid, the dust has settled slightly. But what really is the impact of this ruling, especially for Workday customers, current and future? Read on for our thoughts. Current Workday customers: fundamentally there is little impact, as Workday has been Safe Harbor self-certified since 2007. Most Workday clients have protection under the Standard Contractual Clauses (SCCs) in its Data Protection Agreement (PDA) assuming they signed up to it. For customers who did not, they need to sign the Addendum to the Workday Data Processing terms.Future Customers: Again, is the impact for future Workday customer a major issue? Without the Safe Harbor agreement, companies can still have SSC 's for data transfer to other countries outside the EU as formulated by the 95/46/EC Directive. So, the impact for the vast majority of organisations in the Workday ecosystem is minimal. It also has to be noted that this ruling does not prohibit the flow of data itself. There are other EU-US agreements in place that still allow for data flow. The story is set to continue. However, In my view this ruling will, in the end have a positive impact and will hopefully speed up the resolution of data transfer between the EU and US. We may end up having to thank Max Schrems for taking this action, as most companies have just drifted along without too much concern. Relying entirely on the 'Safe Harbor red carpet '. Interested in our Workday testing product Smart?