TRUSTe, a global provider of data privacy management solutions, and Promontory Financial Group, a global consulting firm for regulated companies, has announced the launch of a joint Binding Corporate Rules program.

The new program is designed to:

Make it quicker, simpler, and more affordable for companies to prepare for compliance with the Binding Corporate Rules (BCRs) regime;

Apply for authorization from their Data Protection Authority to use BCRs for international data transfers within their organization; and

Self-certify their ongoing BCRs compliance through the Program.

BCRs are designed to allow multinational companies to transfer personal data from the European Economic Area (EEA) to their affiliates located outside of the EEA in compliance with Data Protection Directive 95/46/EC. The most utilized current alternative to BCRs is the use of the model contractual clauses approved by the European Commission. In multinational companies with complex structures, however, hundreds of contracts may be required to cover transfers between all affiliates, and keeping those contracts up to date can be difficult and time consuming.

The new TRUSTe-Promontory BCR Management Program will be delivered and managed by TRUSTe based on a framework developed by Promontory. The framework will help companies build their BCR application in a streamlined and consistent manner.

Once the application is approved by the relevant Data Protection Authorities, the company will remain a member of the TRUSTe-Promontory BCR Management Program to evidence and certify their ongoing compliance with BCR standards. This new program is designed to offer organizations the combination of TRUSTe's credibility and experience in developing privacy certification programs and Promontory's experience of European data protection regulation and addressing corporate compliance around international data transfers.