Alexis Kateifides, Anupam Chander

2021 began full of anticipation for the release of two key documents: the European Commission’s finalized standard contractual clauses, and the European Data Protection Board’s finalized guidance on supplementary measures. Since their arrival, organizations have been working hard to operationalize them, but challenges remain regarding the particular assessments of third countries that must be undertaken as well as understanding the risk and impact of all transfers at large. In this session, we share a step-by-step guide to undertaking a Transfer Impact Assessment (TIA), the considerations when conducting Third Country Assessments (TCA), and the relevant measures that can be put in place to mitigate risk and ensure regulatory compliance.


  • Understand the operational impact for organizations
  • Outline the necessity and considerations of the assessment of third countries
  • Breakdown the steps data importers and exporters can take to protect and enable transfers

Alexis Kateifides, Lead Privacy Counsel, OneTrust
Anupam Chander, Scott K. Ginsburg Professor of Law and Technology, Georgetown Law School


Alex Kateifides

Privacy Counsel

Anupam Chander

Professor of Law
Georgetown Law