Most organisations will experience a data security breach at some stage. How you respond to the breach and how quickly you act to resolve it is critical in order to avoid the serious consequences that may follow including fines, litigation and reputational damage.
Transferring personal data from the EU to the US falls within the rules on restricted transfers under the GDPR. The EU-US Data Privacy Framework (DPF) can be used by exporters to transfer data to registered organisations in the US.
Data transfers from the EU to third countries or international organisations must be carried out in compliance with the GDPR. Organisations wishing to transfer personal data to jurisdictions outside the EEA must use an appropriate transfer mechanism to transfer the data lawfully.