The Asia-Pacific member economies developed a privacy framework as a volunteer
system that outlines standards relating to personal information protection as the data
moves across borders. Controllers that volunteer in the program are assessed by an
Accountability Agent against the Cross Border Privacy Rules (CBPR) and if compliant,
receive a certification. Processors are assessed against the Privacy Recognition for
Processors and would also receive a certification if compliant with the program.
The certification process consists of:
- Initial Certification Assessment
- Planning
- Fieldwork Process & Certification
- Ongoing Monitoring & Compliance Review
- Re-Certification & Annual Attestation
This resource goes into more detail on this process and the program requirements.
