On-demand webinar coming soon...


OneTrust Blog

The latest in privacy, security, ethics, and ESG

Featured



A guide to Privacy by Design

The concept of Privacy by Design should be familiar to most privacy professionals but understanding how to implement it can be a different story

Office building's glass windows

Discover articles

Trust Intelligence

Trending Toward Trust in 2024: Measurement, management, and maturity

Explore 'Trending Toward Trust in 2024', OneTrust's latest report, offering key insights into measurement, management, and maturity of organizational trust. 

Robb Taylor-Hiscock

December 11, 2023 4 min

Learn more

Responsible AI

What the EU AI Act means for your business

On December 8th, the EU reached an agreement on the much-debated EU AI Act. Learn more about what’s included in this historical legislation. 

Lauren Diethelm

December 11, 2023 5 min

Learn more

Technology Risk & Compliance

OneTrust prioritizes innovation to make trust a differentiator

Forrester recognizes OneTrust is on the path to become a holistic GRC solution.

December 11, 2023 3 min

Learn more

Consent & Preferences

How OneTrust integrates with Google Consent Mode

Now with OneTrust's integration of Google Consent Mode, OneTrust facilitates important implementation steps for easier setup.

Ashlea Cartee, Product Marketing Manager, Consent & Preferences, OneTrust

December 07, 2023 3 min

Learn more

Responsible AI

Where does AI fit in the security team’s processes?

Learn about the new tools that are transforming the security landscape and enabling ways to safeguard against evolving threats.

Tim Mullen and Julian Head

December 06, 2023 6 min

Learn more

Data Discovery & Security

Collibra + OneTrust: Better together | Blog | OneTrust

Learn how OneTrust's collaboration with OneTrust can expand trust and compliance across your entire data landscape.

Ojas Rege

December 05, 2023 2 min

Learn more

Data Discovery & Security

Data governance in retail: Protecting privacy while driving profits

Learn how to build a data governance program that protects and secures your retail company and builds customer loyalty in the long run.

Katrina Dalao

December 05, 2023 6 min

Learn more

AI Governance

Establishing an AI governance committee: An inside look at OneTrust’s process

Diverse AI governance committees are key to helping organizations mitigate risk and use AI responsibly. Learn more about what goes into establishing an AI governance committee.

Adomas Siudika

November 30, 2023 7 min

Learn more

AI Governance

Understanding the EU AI Act’s risk levels

The draft EU AI Act lays out four risk categories for the use of AI systems. Learn more about each of these categories, and how they might impact the use of AI in your business.

Laurence McNally

November 30, 2023 5 min

Learn more

Internal Audit Management

SOC 2 compliance checklist: 8 steps to prepare your organization

Find the right SOC 2 compliance software that provides the features that best serve your business.

November 28, 2023 7 min

Learn more

Responsible AI

UK AI Bill introduced in House of Lords

On November 23, 2023, UK Parliament introduced the Artificial Intelligence (Regulation) Bill to the House of Lords. Read on to learn more.

Robb Hiscock

November 27, 2023 4 min

Learn more

Responsible AI

What you need to know about conformity assessments under the EU AI Act

Providers of high-risk AI systems have to meet Conformity Assessment requirements under the EU AI Act before their system can be put on the market. Read the blog to learn more.

Lauren Diethelm

November 20, 2023 4 min

Learn more

Third-Party Due Diligence

Compliance check: The art of enhanced due diligence for third parties

Learn how to apply enhanced due diligence to third parties when thorough scrutiny is needed to preserve your company’s values and ensure compliance with laws and regulations. 

Jisha Dymond

November 16, 2023 5 min

Learn more

AI Governance

What is an AI inventory, and why do you need one?

When starting an AI governance program, one of the first and most important steps is setting up an AI inventory. Learn more about why inventories matter, and how you can create one.

Bex Evans

November 15, 2023 3 min

Learn more

ESG Program Management

Understanding new SEC ESG disclosure requirements

The SEC ESG disclosures ensure that financial institutions in the US report on the environmental impact of their investments. Read the blog to learn more.

Param Gopalasamy

November 14, 2023 5 min

Learn more

ESG Program Management

Getting to know the Task Force on Climate-related Financial Disclosures (TCFD)

A primer on the TCFD framework—what it is, why it matters, and how it’s being adopted around the world

Param Gopalasamy

November 13, 2023 5 min

Learn more

AI Governance

Navigating the Draft EU AI Act

The ongoing trilogue in the EU around finalizing the EU AI Act continues to inch closer to a decision. In the meantime, learn more about what this monumental regulation means for your organization.

Param Gopalasamy

November 13, 2023 13 min

Learn more

Consent & Preferences

A new era of behavioral advertising?

With recent enforcement decisions from authoritative bodies in Europe, organizations need to take a look at how they view consent for behavioral advertising. 

Param Gopalasamy

November 08, 2023 4 min

Learn more

Third-Party Risk

Are your third parties a privacy compliance liability?

What role do third parties play in your privacy compliance efforts? Learn how the two functions overlap and ways to keep data secure across your supply chain.

Katrina Dalao

November 07, 2023 10 min

Learn more

AI Governance

What you need to know about… Generative AI

Ever heard of generative AI? Of course you have. We all have. The next time it comes up in conversation, this blog will help you appear intelligible on the topic. You’re welcome.

Param Gopalasamy

November 03, 2023 10 min

Learn more

Responsible AI

President Biden issues Executive Order on Safe, Secure, and Trustworthy AI

On October 30, the Biden-Harris administration issued an Executive Order on Safe, Secure, and Trustworthy AI. Read the blog to learn more. 

Lauren Diethelm

October 31, 2023 6 min

Learn more

Privacy Management

What the G7 Code of Conduct means for your business

Recognizing the immense impact of AI, the G7’s Code is the latest in a series of recent and upcoming developments concerning guidance around AI. 

Param Gopalasamy

October 31, 2023 4 min

Learn more

Data Discovery & Security

Data is the new currency: How to protect financial services information

The heavily-regulated financial services industry requires a thoughtful process for governing data.

Jason Koestenblatt

October 13, 2023 5 min

Learn more

Third-Party Risk

Trust talks: Actioning trust-based cybersecurity from individual to enterprise

Security teams can help create and champion organizational trust despite interdepartmental silos

Jason Koestenblatt

October 09, 2023 4 min

Learn more

GRC & Security Assurance

Digital transformation and the evolving cybersecurity landscape

As the technological landscape continues to evolve, teams are seeing increases in compliance obligations, regulations, and the proliferation of cloud technology.

Scott Solomon

October 09, 2023 3 min

Learn more

Data Discovery & Security

Data governance principles: 4 best practices

Discovery and classification are necessary in data governance, but clarity and accountability are at the root of collaboration

Sam Curcuruto

October 05, 2023 3 min

Learn more

GRC & Security Assurance

Cybersecurity Awareness Month resource hub

The cybersecurity awareness hub pulls resources from our experts on the Security CoE, GRC, Privacy, DataGuidance, and TPRM teams to a central resource.

Jason Koestenblatt, Team Lead, Content Marketing

October 02, 2023 3 min

Learn more

GRC & Security Assurance

October is Cybersecurity Awareness Month. So, what?

The Cybersecurity and Infrastructure Security Agency’s (CISA) created cybersecurity awareness month with the intent to educate and promote online safety.

Scott Solomon

October 02, 2023 3 min

Learn more

Data Discovery & Security

Data governance builds trust, drives positive healthcare outcomes

Discovering and governing sensitive healthcare data helps professionals focus on treatment.

Sam Curcuruto

September 26, 2023 4 min

Learn more

Privacy Management

What the new UK-US Data Bridge means for your organization

Businesses in the UK can now transfer personal data to DPF certified US-based organizations

Marco Barone

September 25, 2023 6 min

Learn more

Privacy Management

Exploring the ROI of your privacy program

Learn how investing in a privacy program can have a major impact on your organization's ROI.

Bex Evans

September 20, 2023 11 min

Learn more

GRC & Security Assurance

Collect once, comply many: Scale your resources and optimize compliance

Create efficiencies and increase visibility by scoping, monitoring, and communicating your compliance posture.

Riyaz Habibbhai

September 18, 2023 5 min

Learn more

AI Governance

Embracing responsible AI: Presenting OneTrust AI Governance

Explore how OneTrust AI Governance addresses the growing challenges of AI governance, ensuring visibility, lifecycle management, and risk mitigation in an ever-evolving landscape.

Riyaz Habibbhai

September 18, 2023 3 min

Learn more

GRC & Security Assurance

Making enterprise risk manageable for the CISO

Created internally or externally, organizations are handling tons of data — all of which can impact your risk posture. Learn more about empowering the business with enterprise risk management.

Riyaz Habibbhai

September 18, 2023 3 min

Learn more

Data Discovery & Classification

How to better govern your unstructured data

Learn how data governance can help protect your customers' sensitive data as well as meet the legal and security challenges posed by unstructured data.

Jason Koestenblatt

September 13, 2023 5 min

Learn more

Data Discovery & Security

What is data governance?

Learn how to build an effective data governance program and the tools you need to unlock the value of your data.

Jason Koestenblatt

September 06, 2023 5 min

Learn more

Consent & Preferences

OneTrust integrates with Salesforce to enable trusted data use

Marketers are data-driven and need to capture and process data through different systems, including Salesforce Marketing Cloud and Sales Cloud.

Ashlea Cartee

September 06, 2023 3 min

Learn more

Consent & Preferences

OneTrust and Snowflake: Manage consent and enable effective data governance

Enabling data teams to better understand where sensitive data lives in the Data Cloud, use data responsibly, and ensure proper consent is granted for personal data access and use

Param Gopalasamy

August 31, 2023 5 min

Learn more

Speak-Up Program Management

What you need to know about… whistleblowers (and UFOs)

Learn what it means to be a whistleblower and about the global regulations designed to protect them.

Param Gopalasamy

August 22, 2023 7 min

Learn more

Consent & Preferences

Navigating TCF 2.2 and Google’s consent management platform requirements

Learn how TCF 2.2 affects Google's consent management platform's (CMP) requirements and what you need to know to achieve compliance.

August 11, 2023 6 min

Learn more

Privacy Management

India passes Digital Personal Data Protection Bill

On August 9, 2023, the Digital Personal Data Protection Bill was passed through the Upper House of Parliament in India. Here’s what you need to know about the Bill.

Robb Hiscock

August 11, 2023 6 min

Learn more

Internal Audit Management

What is NIST CSF? Everything you need to know

Learn about the NIST CSF and explore how this cybersecurity framework may benefit your organization.

Katrina Dalao

August 10, 2023 7 min

Learn more

Internal Audit Management

What’s the difference between NIST 800-53 vs. NIST 800-171?

Understand which cybersecurity framework applies to your organization

Katrina Dalao

August 08, 2023 9 min

Learn more

ESG Program Management

What is the EU Digital Rights and Principles Directive?

Learn the key points of the EU Digital Rights and Principles Directive and what best practices to consider when achieving compliance.

Param Gopalasamy

August 04, 2023 5 min

Learn more

Internal Audit Management

PCI DSS 4.0: Your questions answered

Prepare your organization for PCI DSS 4.0 with these resources from audit and security professionals.

August 02, 2023 8 min

Learn more

ESG Program Management

What is the EU Due Diligence Act?

Learn how this directive aims to make EU corporations accountable for their environmental and social impact

Param Gopalasamy

August 02, 2023 5 min

Learn more

Privacy Management

A guide to Privacy by Design

The concept of Privacy by Design should be familiar to most privacy professionals but understanding how to implement it can be a different story. 

Robb Hiscock

August 02, 2023 6 min

Learn more

Trust Transformation

Does your organization need a Trust Office?

Instead of ‘business as usual,’ organizations should focus on building trustworthy products through processes and people

Andrew Clearwater

July 25, 2023 6 min

Learn more

Trust Transformation

TrustWeek 2023: Agenda now live

The ultimate conference for privacy, security, marketing, ethics, and ESG professionals comes to life with sessions on AI, IT risk, third party management, and more

July 19, 2023 5 min

Learn more

AI Governance

Approaching the OECD Framework for the Classification of AI Systems

Artificial Intelligence has the power to unlock benefits for businesses and society. However, it also poses significant risks that can be managed through frameworks such as the OECD’s.

Bex Evans

July 13, 2023 9 min

Learn more

Consent & Preferences

The ultimate guide to first-party data

Learn the best way to connect with your customers by building a first-party data marketing strategy.

Param Gopalasamy

July 13, 2023 18 min

Learn more

Privacy Management

Delaware becomes twelfth state to pass comprehensive privacy act

The Delaware Personal Data Protection Act is set to become the twelfth privacy act in the US introducing a range of obligations on businesses that operate in the state. 

Robb Hiscock

July 12, 2023 6 min

Learn more

Privacy & Data Governance

EU-US Data Privacy Framework: A brief history

The EU-US DPF is the latest chapter in a story that has been ongoing for over two decades, but how did we get here?

Robb Hiscock

July 12, 2023 5 min

Learn more

Third-Party Risk

How to start a third-party risk management program: Implement effective processes across your organization

Learn how to implement an effective third-party risk management program that meets your organization's needs.

Katrina Dalao

July 11, 2023 5 min

Learn more

Third-Party Risk

How to start a third-party risk management program: Monitor and maintain performance

How to start a third-party risk management program: Monitor and maintain performance

Katrina Dalao

July 11, 2023 5 min

Learn more

Third-Party Risk

How to start a third-party risk management program: Get leadership buy-in

Create a TPRM program that addresses your organization’s highest security risks and aligns with strategic objectives

Katrina Dalao

July 11, 2023 5 min

Learn more

Internal Audit Management

What's new in PCI DSS v4.0: How to prepare your organization

Keep your account data safe with the latest payment security standard

Katrina Dalao

July 10, 2023 7 min

Learn more

Privacy Management

European Commission adopts adequacy decision for EU-US Data Privacy Framework

On July 10, 2023, the European Commission adopted its adequacy decision on the EU-US Data Privacy Framework restoring an important data transfer mechanism between the EU and US.

Robb Hiscock

July 10, 2023 7 min

Learn more

Privacy Management

US privacy law: When to conduct a Privacy Impact Assessment and what to include

Privacy Impact Assessments are commonplace among most modern privacy laws but understanding your requirements in a patchwork of US state privacy can be challenging.

Robb Hiscock

July 05, 2023 9 min

Learn more

Consent & Preferences

What you need to know about... Data protection in a Black Mirror world

Unraveling Black Mirror's privacy snafus: When science fiction meets reality, but forgets to do its privacy law homework

Param Gopalasamy

June 30, 2023 15 min

Learn more

Third-Party Risk

How to start a third-party risk management program: Understand the types of third-party risks

Learn about the different types of third-party risks and how to address each one

Katrina Dalao

June 29, 2023 6 min

Learn more

Privacy Management

Oregon passes comprehensive privacy bill. Awaits Governor’s signature

Oregon becomes the 11th state to pass comprehensive privacy law that becomes effective on July 1, 2024

Robb Hiscock

June 28, 2023 6 min

Learn more

Privacy Management

Quebec’s Law 25: What is it and what do you need to know?

Privacy in Quebec has undergone a significant overhaul under Law 25 (previously known as Bill 64). The province will see several new requirements becoming effective in September 2023. 

Robb Hiscock

June 27, 2023 6 min

Learn more

Third-Party Due Diligence

The global regulations driving third-party due diligence

We cover the key regulations to know for managing third-party risk

Kelly Maxwell

June 21, 2023 6 min

Learn more

Privacy Management

Preparing for new privacy legislation in Canada – Part three

Bill C-27 will introduce the Artificial Intelligence and Data Act to help regulate the responsible use and development of AI in Canada. 

Neil Saddington

June 20, 2023 5 min

Learn more

Data Discovery & Classification

Shifting left: Classifying and managing data sprawl at collection

Learn how to effectively discover and classify data by staring near the point of data collection to avoid data sprawl and inaccuracies.

June 15, 2023 2 min

Learn more

What is a PCI DSS self-assessment questionnaire?

Self-assessment questionnaires help evaluate and prove PCI DSS compliance. Find out which SAQ is right for your organization

Katrina Dalao

June 15, 2023 5 min

Learn more

Internal Audit Management

What is PCI DSS?

Learn the basics about PCI DSS, how it applies to your organization, and what you need to prove compliance.

Katrina Dalao

June 14, 2023 7 min

Learn more

Privacy Management

What to include in your US privacy notice

Transparency is a key part of compliance with the range of US privacy laws entering into effect in 2023. Read this blog to learn what you need to include.

Bex Evans

June 13, 2023 6 min

Learn more

Internal Audit Management

Beginner's guide to PCI DSS compliance

If your organization stores, processes, or transmits cardholder data, you’ll need to be PCI DSS compliant. Here’s how.

Katrina Dalao

June 13, 2023 9 min

Learn more

Data Discovery & Classification

Discover and connect to all your data in any environment

OneTrust Data Discovery has mass coverage with 200 pre-built connectors, and an open SDK for custom data sources

Sam Curcuruto

June 08, 2023 2 min

Learn more

Consent & Preferences

IAB TCF 2.2: What you need to know

IAB Europe updated their Transparency and Consent Framework to improve data privacy for users around how organizations collect and process data

Ryan Karlin

June 06, 2023 4 min

Learn more

Trust Intelligence

TrustWeek registration now open

Ignite the power of trust intelligence at TrustWeek, the ultimate conference for privacy, security, marketing, ethics, and ESG professionals, driving measurable impact worldwide

June 06, 2023 2 min

Learn more

Privacy & Data Governance

Preparing for new privacy legislation in Canada: Part two

Bill C-27 is set to overhaul privacy law in Canada. Part 2 of the bill proposes a substantial transformation in the enforcement of the CPPA through a new organization.

Neil Saddington

June 06, 2023 5 min

Learn more

Consent & Preferences

What you need to know about first-party data

We cover the basics of first-party data and why it's so important in the digital age.

Param Gopalasamy

June 06, 2023 4 min

Learn more

Data Discovery & Classification

How does Microsoft 365 integrate with OneTrust Data Discovery?

Learn how OneTrust Data Discovery integrates with Microsoft 365 to build an all-encompassing, centralized data catalog out of your unstructured data.

Sam Curcuruto

June 02, 2023 3 min

Learn more

Third-Party Risk

HackNotice and OneTrust partner for deeper third-party threat intelligence

OneTrust customers can take advantage of HackNotice’s near real-time breach alerts.

June 01, 2023 3 min

Learn more

Privacy Management

Assessing your international data transfers post-DPC ruling

The recent decision cast fresh doubt over the effectiveness of transfer safeguards and supplementary measures in conjunction with the practical application of third-country surveillance laws. 

Linda Thielova

June 01, 2023 8 min

Learn more

Privacy Management

Florida looks to pass Digital Bill of Rights

The bill now awaits the Governor’s signature, which would allow consumers more visibility into their data that’s been collected by businesses 

Alexis Kateifides

May 31, 2023 5 min

Learn more

Privacy & Data Governance

Google Play Store data requirements (and how to handle them)

The latest updates on Google Play Store app requirements, as well as how OneTrust Mobile App Consent can help your organization stay compliant

Ashlea Cartee

May 31, 2023 7 min

Learn more

Privacy Management

Data Privacy and Security Act passed in Texas

The Texas Data Privacy and Security Act will become the fifth piece of US privacy legislation to pass this year and, once signed, will become effective on July 1, 2024.

Robb Hiscock

May 31, 2023 6 min

Learn more

Privacy Management

3 priorities for the French DPO: Priority 3 – automate

Automation is key to freeing up valuable time and resources that can then be dedicated to other areas of your compliance program.

Robb Hiscock

May 30, 2023 6 min

Learn more

Data Discovery trifecta: Retention, access, and minimization

Governing and de-risking your organization’s data should be top priority

Sam Curcuruto

May 26, 2023 3 min

Learn more

Data Discovery & Classification

How a data discovery solution keeps your organization secure

Finding and classifying data is just the first step in your discovery and security process

Jason Koestenblatt

May 25, 2023 5 min

Learn more

Data Discovery & Security

ROT data is a security issue: How are you handling it?

Automating data discovery is the first step in classifying obsolete digital information

Sam Curcuruto

May 23, 2023 3 min

Learn more

Privacy Management

Reflecting on 5 years of the GDPR

Look back on five years of the EU’s General Data Protection Regulation with expert views infographics, eBooks, and more

Robb Hiscock

May 23, 2023 5 min

Learn more

Consent & Preferences

First party data 101: What your marketing team needs to know

Read more to answer frequently asked questions around first-party data and how your organization can take advantage of it

Ashlea Cartee

May 23, 2023 6 min

Learn more

Data Discovery & Classification

Data discovery helps governance teams stay secure

Data governance is needed for organizations to meet compliance requirements

Sam Curcuruto

May 18, 2023 3 min

Learn more

Data Discovery & Classification

Why is data minimization important for your security teams?

Unused digital information is an easy target for hackers, increasing your organization’s risk 

May 16, 2023 2 min

Learn more

Responsible AI

Embracing responsible AI: 3 steps to get your organization started

With the latest statement from the White House on responsible AI, it’s clear AI is firmly in the spotlight. Find out how your organization can establish a foundation to address AI risks.

Alexis Kateifides

May 16, 2023 4 min

Learn more

Consent & Preferences

What the latest Google CMP requirements mean for your organization

Google announced their latest requirements around consent management platforms for organizations that utilize their network for ads

Ryan Karlin

May 16, 2023 3 min

Learn more

Responsible AI

Top 10 AI governance essentials every CPO needs to know in 2023

Learn how to integrate AI governance into your product strategies to achieve responsible AI use

Linda Thielova

May 15, 2023 5 min

Learn more

Privacy & Data Governance

OneTrust unveils latest platform innovations to drive responsible data use and business resilience

Enhancements to our Trust Intelligence Platform help organizations unlock the value of trust 

OneTrust Editorial Team

May 12, 2023

Learn more

Ethics & Compliance

‘Culture of compliance’ behind DOJ’s voluntary self-disclosure updates

Is your compliance program ready to do the right thing and step up and own up to misconduct?

Jisha Dymond

May 12, 2023 8 min

Learn more

GRC & Security Assurance

Data retention policies should be automated to reduce risk

Tooling can create benefits for the organization while staying compliant with regulations

Jason Koestenblatt

May 11, 2023 4 min

Learn more

Ethics Program Management

Building a strategic framework for policy governance

Learn how a "policy on policies" can help create a framework for effective ethics policy governance and risk management.

Gbemi Yusuff

May 10, 2023 6 min

Learn more

Privacy Management

A privacy professional's guide to navigating responsible AI adoption

Learn how privacy professionals can guide their organizations towards responsible AI adoption by developing a comprehensive AI strategy that integrates privacy considerations, fostering a privacy-focused culture around AI decision-making, and navigating the risks of AI.

May 09, 2023 6 min

Learn more

Internal Audit Management

How to reduce audit fatigue: 5 remedies for InfoSec pros

How do you alleviate audit fatigue in your InfoSec team? Here are 5 practical remedies to reduce the stress and workload of frequent security audits

Katrina Dalao

May 08, 2023 8 min

Learn more

Data Discovery & Classification

How automation helps reduce your sensitive data footprint

Establish data retention and minimization policies to reduce your organization’s attack surface

Sam Curcuruto

May 05, 2023 4 min

Learn more

Privacy Management

Navigating the NIST AI Risk Management Framework with confidence

The NIST AI Risk Management Framework can help your organization to manage the risks associated with AI. Read the blog to learn how.

Laurence McNally

May 05, 2023 5 min

Learn more

Data Discovery & Classification

Expanding our data discovery leadership with machine learning classification tools

Learn how OneTrust Data Discovery uses AI, machine learning, and privacy by design to ensure responsible and compliant data governance.

Sam Curcuruto

May 04, 2023 3 min

Learn more

Privacy & Data Governance

Indiana set to become the 7th state to pass a comprehensive privacy law

The Indiana Consumer Data Protection Act will be set to take effect in 2026.

Alexis Kateifides

May 04, 2023 3 min

Learn more

Internal Audit Management

What is information security compliance?

What is InfoSec compliance? Learn why compliance is essential for your organization and how it safeguards against cyberthreats.

Katrina Dalao

May 04, 2023 7 min

Learn more

Privacy Management

Making privacy and trust a strategic imperative

Privacy has evolved beyond compliance. See what Forrester analyst Enza Iannopollo had to say about making privacy and trust a strategic imperative

Robb Hiscock, featuring Enza Iannopollo

May 03, 2023 7 min

Learn more

ESG & Sustainability

What is the EU Sustainable Finance Disclosure Regulation (SFDR)?

Learn about the EU Sustainable Finance Disclosure Regulation (SFDR), what it means for ESG investments, and how companies can comply.

Chris Fenwick, Head of ESG Center of Excellence, OneTrust

April 28, 2023 7 min

Learn more

Privacy Management

Tennessee passes Information Protection Act

Discover the impact of the Tennessee Information Protection Act (TIPA), passed on April 21, 2023, as it reshapes the US privacy landscape with new requirements for businesses, including risk assessments, data minimization, and opt-in consent for processing sensitive information, effective July 1, 2025.

Robb Hiscock

April 26, 2023 5 min

Learn more

ESG Program Management

What is the EU Carbon Border Adjustment Mechanism (CBAM)?

Learn how your organization can prepare for new regulations around carbon emissions in imported goods 

Chris Fenwick

April 25, 2023 4 min

Learn more

Privacy & Data Governance

Montana looks to pass Consumer Data Privacy Act

The bill is now on track to be the next state to sign a comprehensive state privacy bill into law

Alexis Kateifides

April 25, 2023 5 min

Learn more

Consent & Preferences

OneTrust Consent and Preferences now integrates with Tealium IQ

Tealium IQ launched Consent Integrations for their tag management system, enabling seamless privacy-first marketing campaigns

Ashlea Cartee

April 21, 2023 3 min

Learn more

Data Discovery & Security

3 priorities for the French DPO: 2. Take action

Take control of your organization’s data protection program by following these three priorities. The second priority – take action.

Robb Hiscock

April 20, 2023 8 min

Learn more

Data Discovery & Security

Preparing for new privacy legislation in Canada: Part one

How Canadian companies should respond to the new Consumer Privacy Protection Act (Bill C-27).

Neil Saddington

April 20, 2023 5 min

Learn more

Privacy & Data Governance

Vietnam publishes long-awaited Personal Data Protection Decree

Vietnam has finally published its Personal Data Protection Decree (PDPD). We cover its key points and how business can prepare for compliance.

Robb Hiscock

April 19, 2023 8 min

Learn more

Third-Party Due Diligence

OneTrust partners with Dow Jones Risk & Compliance for data-driven third-party due diligence

Today, we’re excited to announce the partnership between Dow Jones Risk & Compliance and OneTrust Third-Party Due Diligence.

Kelly Maxwell

April 18, 2023 6 min

Learn more

Data Discovery & Classification

5 ways to harness data classification to mitigate data sprawl

We explore the issue of data sprawl and how data classification automation tools can help mitigate it.

Bex Evans

April 18, 2023 6 min

Learn more

Trust Intelligence

Making trust real: An unwavering journey — for us 

See how OneTrust leaders build trust by focusing on people, product, and process.

April 17, 2023 4 min

Learn more

Privacy & Data Governance

My Health My Data Act passes Washington State Senate

The My Health My Data Act, also known as House Bill 1155, provides stronger privacy protections for consumers in relation to their personal health data. 

Alexis Kateifides

April 14, 2023 9 min

Learn more

Consent & Preferences

Austrian DSB ruling on international data transfers via tracking tools

Data transfers to the US via a tracking pixel tool by a prominent global technology company were found to be in violation of the GDPR by the Austrian DSB.

Linda Thielova

March 22, 2023 3 min

Learn more

Consent & Preferences

OneTrust + Adobe = Automated consent orchestration

OneTrust Consent and Preferences integrates with Adobe Experience Platform so businesses can provide personalized experiences and comply with regulations.

Alex Cash

March 20, 2023 3 min

Learn more

Privacy & Data Governance

Making it easier to responsibly use data with new data discovery capabilities

OneTrust's data discovery capabilities make it easier for businesses to understand and use data responsibly by connecting and classifying existing data.

Ojas Rege

March 20, 2023 4 min

Learn more

Privacy & Data Governance

Governor signs comprehensive privacy bill in Iowa

Governor Reynolds of Iowa signed SF262, An Act Relating To Consumer Data Protection offering a more business-friendly approach to privacy.

Robb Hiscock, Content Marketing Specialist, CIPP/E, CIPM, OneTrust

March 17, 2023 5 min

Learn more

Data Discovery & Classification

What is data discovery?

Businesses are dealing with unprecedented amounts of digital information that needs to be monitored, managed, and secured.

Jason Koestenblatt, Team Lead, Content Marketing, OneTrust

March 10, 2023 8 min

Learn more

Consent & Preferences

Transform retail experiences with consent and preferences

Retailers can build trust with customers by complying with data privacy regulations and providing a transparent consent and preference management process.

Ashlea Cartee

March 10, 2023 8 min

Learn more

Consent & Preferences

The ROI of purpose-based consent and preference management

Learn how consent management is essential to build trust and delivering personalized customer experiences by collecting and using data responsibly.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust

March 10, 2023 7 min

Learn more

Third-Party Risk

How to manage third-party risk across your entire business

Businesses need a comprehensive third-party management strategy covering all aspects of their relationships with third parties, such as security, privacy, ethics, and ESG.

March 08, 2023 7 min

Learn more

Privacy & Data Governance

UK Data Protection and Digital Information Bill re-introduced to Parliament

The UK Data Protection and Digital Information Bill  aims to reduce the administrative burden on businesses, promote international trade and reduce consent notices.

Robb Hiscock

March 08, 2023 5 min

Learn more

ESG & Sustainability

The ultimate guide to board diversity and skills requirements

ESG governance is becoming increasingly important as companies face pressure from stakeholders to address environmental, social, and governance issues.

Chris Fenwick

March 08, 2023 23 min

Learn more

Third-Party Risk

Why data privacy and third-party risk teams need to work together

Sharing information and resources across organizational silos is mutually beneficial for teams with the common goal of mitigating data privacy risk.

Scott Solomon

March 07, 2023 6 min

Learn more

GRC & Security Assurance

How to manage privacy and security compliance? 6 questions with GRC experts

Our GRC experts discuss how privacy and security compliance are evolving to meet modern market demands and ushering in a whole new era of automation.

Katrina Dalao, Sr. Content Marketing Specialist, OneTrust

March 07, 2023 8 min

Learn more

Privacy & Data Governance

Cyberspace Administration of China releases final SCCs

The Standard Contractual Clauses (SCC) and their measures set additional rules for transferring personal information data from the People's Republic of China.

Linda Thielova

March 06, 2023 7 min

Learn more

GRC & Security Assurance

Understanding IT security frameworks: Types and examples

Security frameworks are roadmaps for developing and implementing effective security programs that protect organizations from threats and vulnerabilities.

Katrina Dalao

March 06, 2023 11 min

Learn more

GRC & Security Assurance

5 ways leaders are automating their GRC programs in 2023

Learn five top functional categories GRC professionals and leaders identify as priorities for creating a mature and meaningful automation strategy.

March 02, 2023 4 min

Learn more

Ethics & Compliance

Speak-up culture 101: Why speak-up culture matters and how to build yours

Learn how to build, measure, and grow your speak-up program to foster trust, shared responsibility, and the highest standards of ethical conduct.

Gbemi Yusuff

March 02, 2023 9 min

Learn more

Privacy & Data Governance

How to approach the ICO’s “Privacy in the product design lifecycle”

Learn more about the ICO's "Privacy in the product design lifecycle" guidance and how you can implement Privacy by Design (PbD) in your organization.

Robb Hiscock

March 01, 2023 11 min

Learn more

GRC & Security Assurance

10 GRC trends: What’s next for governance, risk, and compliance?

Cybersecurity, third-party risk, and other policies fall under the GRC domain. Here are the top 10 emerging drivers and trends shaping security compliance.

Katrina Dalao

February 23, 2023 5 min

Learn more

Privacy & Data Governance

Global Privacy Platform (GPP): What this means for ad tech and US privacy laws

IAB Tech Lab, the digital advertising technical standards-setting body, recently announced the launch of its Global Privacy Platform (GPP).

Ashlea Cartee

February 23, 2023 4 min

Learn more

Privacy & Data Governance

3 priorities for the French DPO: 1. Gain visibility

DPOs must have visibility into what teams are doing and work closely with the CISO to help direct organizational processes toward data protection and security.

Noshin Khan

February 22, 2023 9 min

Learn more

Trust Intelligence

OneTrust kicks off new year with strong momentum, building on successes from 2022

In 2023, we are focused on continuing to innovate across this platform, focusing on the core areas of privacy, security, ethics, compliance, and ESG. 

February 20, 2023 5 min

Learn more

Ethics Program Management

Speak-up culture toolkit: Policy management

Learn how effective policy management drives employee engagement and strengthens your company speak-up culture.

Noshin Kahn

February 20, 2023 7 min

Learn more

GRC & Security Assurance

OneTrust introduces Certification Automation

OneTrust Certification Automation facilitates the compliance and audit process to help you achieve security certifications in half the time. 

Katrina Dalao

February 16, 2023 3 min

Learn more

Third-Party Risk

Supply Wisdom risk intelligence is now available in OneTrust’s Third-Party Risk Exchange

The partnership with Supply Wisdom brings compliance, financial, location-based ESG, and cyber risk data to Exchange customers and their third parties.

Chet Devchand, Director, Business Development Management

February 14, 2023 3 min

Learn more

Third-Party Due Diligence

Speak-up culture toolkit: Inviting third parties to contribute

Creating a strong, healthy speak-up culture requires you to empower all participants, including third parties, to raise issues related to ethics and compliance.

Gbemi Yusuff

February 13, 2023 6 min

Learn more

GRC & Security Assurance

7 steps to comply with ISO 31700-1:2023 (standard on Privacy by Design)

This standard looks to define clear rules for organizations around how consumers’ personal information is processed and how consumer privacy is addressed throughout the product lifecycle

Linda Thielova

February 10, 2023 7 min

Learn more

ESG & Sustainability

The EU Taxonomy: What you need to know

With two objectives of the EU Taxonomy in effect, make sure your organization is on top of compliance with new ESG reporting requirements.

Chris Fenwick, OneTrust Head of ESG Center of Excellence

February 09, 2023 6 min

Learn more

Privacy & Data Governance

What California’s CCPA investigative sweep means for your mobile applications

The California Attorney General declared an investigative sweep of mobile apps that don't comply with certain CCPA opt-out and consumer request provisions.

Alex Cash

February 01, 2023 5 min

Learn more

Consent & Preferences

The ultimate guide to US opt-out requirements

Five new US state privacy laws mean five new sets of opt-out requirements. Learn how to make sure your organization maintains compliance in 2023.

Ashlea Cartee

January 31, 2023 10 min

Learn more

ESG & Sustainability

ESG reporting 101: Guide to ESG standards and sustainability frameworks

As norms and standards continue to evolve, you should be prepared to respond with your own ESG reporting strategy and management.

Julie Yamamoto

January 30, 2023 23 min

Learn more

Privacy & Data Governance

Colorado AG releases third version of draft CPA regulations

The latest version of the draft Colorado Privacy Act regulations is based on the outcome of the public consultation held between October 2022 and January 2023.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 30, 2023 13 min

Learn more

Privacy & Data Governance

Your guide to celebrating Data Privacy Day 2023

Data Privacy Day 2023 is a great chance to raise awareness of privacy and data protection issues from around the world and your organization.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 25, 2023 7 min

Learn more

ESG & Sustainability

Ultimate guide to the EU CSRD ESG regulation for businesses

This guide provides everything your business needs to know about the upcoming EU ESG regulation - the Corporate Sustainability Reporting Directive (CSRD).

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

January 20, 2023 16 min

Learn more

Ethics & Compliance

Speak-up culture toolkit: Leveraging disclosure data to drive a speak-up culture

Healthy disclosure rates are an indicator of a strong speak-up culture. Discover how to improve disclosure participation and engagement.

Noshin Khan

January 17, 2023 4 min

Learn more

Privacy & Data Governance

Addressing UK app Code of Practice requirements with OneTrust

OneTrust has developed an Android SDK scanner to comply with Google Play Data safety while supporting the new UK app Code of Practice.

Julian Evans

January 13, 2023 6 min

Learn more

Privacy & Data Governance

Belgian DPA approves action plan for IAB Europe’s TCF

After violating the GDPR, the Belgian DPA approved an action plan to bring the processing of personal data within the IAB TCF into compliance with the GDPR.

Alex Cash, Director of Strategy, Consent & Preferences | CIPP/E, CIPM

January 12, 2023 7 min

Learn more

Ethics & Compliance

Continuous improvement: The leading indicator for successful compliance programs

Continuous improvement is a method of operationalizing improvement to processes, products, or other aspects of a business through a cycle of repeatable steps.

Gbemi Yusuff

January 11, 2023 6 min

Learn more

Third-Party Risk

Build trust, promote your program in the Third-Party Risk Exchange

The Third-Party Risk Exchange allows businesses to learn more about each other's security posture, offer SIG Lite assessments on-demand, and more.

Pranav Menem

January 10, 2023 3 min

Learn more

Consent & Preferences

Consent management by the numbers: 2022 DMA report summary

We partnered with the Data & Marketing Association (DMA) (UK) to research how marketers manage their data and the value they realize using CMP systems.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust Consent and Preferences

January 09, 2023 4 min

Learn more

Trust Intelligence

Building trust in a zero trust world

OneTrust CEO Kabir Barday recently participated in a panel discussion with Deloitte at CES, discussing how to build digital trust to drive business performance.

Kabir Barday CEO, OneTrust

January 09, 2023 4 min

Learn more

Privacy & Data Governance

Navigating the California Privacy Rights Act as a HIPAA-compliant business

CPRA’s health information exemption is not a blanket entity exemption, meaning HIPAA-compliant organizations may still need to consider its requirements.

Bex Evans, Senior Product Marketing Manager | CIPP/E, CIPM

January 09, 2023 5 min

Learn more

Privacy & Data Governance

US state privacy bills on the horizon in 2023

Stay up to date with the latest news in US state privacy law, with bill highlights, legislation status, and resources to help your organization stay compliant.

Param Gopalasamy

January 06, 2023 4 min

Learn more

ESG & Sustainability

EFRAG approved the European Sustainability Reporting Standards

EFRAG has released first draft European sustainability reporting standards as part of the EU Corporate Sustainability Reporting Directive.

Chris Fenwick

January 06, 2023 8 min

Learn more

Speak-Up Program Management

Speak-up culture toolkit: Helpline and case management

Everyone wins when you shine a light on your ethics and compliance helpline and build a speak-up culture that reflects your organization's values.

Kelly Maxwell, Content Marketing Specialist

January 05, 2023 6 min

Learn more

Consent & Preferences

3 steps to stay compliant while using consent-driven targeted marketing

Learn how your organization can utilize targeted ads while still being compliant by following these three steps to ensure you prioritize your user's privacy.

Alex Cash

January 04, 2023 4 min

Learn more

Third-Party Risk

As third-party needs sprawl, so do risk management investments

From a new focus on ESG to a renewed need for cybersecurity, third-party and vendor risk management solutions have become a priority for organizations.

Jason Koestenblatt

January 04, 2023 3 min

Learn more

Privacy Automation

The dos and don’ts of CPRA privacy rights requests 

The CPRA has new consumer rights for California residents and employees, meaning new obligations and rights requests are coming your organization's way.

Robb Hiscock

January 03, 2023 7 min

Learn more

Data Discovery & Security

How OneTrust helps reduce your sensitive data footprint

More data, more costs, more risk. More value? That’s up to how your organization makes use of data retention and minimization principles.

Rebecca Evans

December 23, 2022 4 min

Learn more

Privacy & Data Governance

Conducting PIA, DPIA, and TIA to inform notices

Privacy Impact Assessments, Data Protection Impact Assessments, and Transfer Impact Assessments are vary greatly in terms of what, why, and when.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

December 21, 2022 9 min

Learn more

Ethics & Compliance

The ultimate guide to complying with the EU Whistleblower Directive

Due to the Directive, your whistleblower hotline, retaliation policies, and compliance program may require a revamp, even if your employees are not in the EU.

December 19, 2022 15 min

Learn more

ESG & Sustainability

CSRD: EU ESG disclosure rule is approved

The European Parliament and Council adopted the CSRD to make businesses more publicly accountable for their societal and environmental impacts.

Alexis Kateifides, Senior Counsel, OneTrust Centers of Excellence

December 18, 2022 6 min

Learn more

Privacy & Data Governance

CCPA toll-free number requirement

The California Privacy Rights Act (CPRA) follows up the CCPA with new and expanded rights, retaining the toll-free number requirement.

Param Gopalasamy, CIPP/E, CIPM

December 15, 2022 4 min

Learn more

Ethics & Compliance

Maximizing your compliance budget in 2023

If your team receive cuts, follow these recommendations to prioritize resources for critical activities, do more with less, and continue to achieve key outcomes.

December 14, 2022 6 min

Learn more

ESG & Sustainability

Ultimate guide to ESG sustainability

As global organizations begin to adopt key ESG principles, it's critical to pivot your business strategy to address sustainability.

Julie Yamamoto

December 13, 2022 35 min

Learn more

Privacy & Data Governance

The ultimate guide to US privacy

Our guide will help you better understand the five state privacy laws and how they will define the US privacy landscape in lieu of a federal privacy framework.

Robb Hiscock

December 09, 2022 22 min

Learn more

Third-Party Due Diligence

Best practices for conducting third-party due diligence for ethics and compliance

A well-designed compliance program should apply risk-based due diligence and have a process for the full lifecycle of third-party risk management

Kelly Maxwell

December 08, 2022 9 min

Learn more

ESG & Sustainability

3 key takeaways from COP27

Learn three key takeaways from COP27, which includes reinforcing the growing demand for true and accurate reporting on climate risks for investors.

Chris Fenwick

December 06, 2022 8 min

Learn more

Trust Intelligence

Trending toward trust: What organizations need to watch in 2023

Trending Toward Trust is the new 2023 report from OneTrust, highlighting some of the most significant trends that will shape trust in organizations.

Robb Hiscock

December 05, 2022 4 min

Learn more

Third-Party Risk

Ironclad, OneTrust partner to streamline and secure third-party procurement processes

To help organizations take a holistic approach to the third-party contracting and risk management process, OneTrust has partnered with Ironclad.

Chet Devchand

November 30, 2022 4 min

Learn more

Privacy & Data Governance

Navigating the CPRA as a GLBA-compliant business

The California legislature amended the CCPA , recognizing the conflict between the CCPA and sectoral frameworks such as the Gramm-Leach-Bliley Act.

Robb Hiscock

November 29, 2022 5 min

Learn more

ESG & Sustainability

Proposed UK Disclosure Framework Focuses on Corporate Climate Transition | Blog | OneTrust

At COP27, the UK announced The Transition Plan Taskforce Disclosure Framework aiming to strengthen reporting requirements for companies in the UK.

Chris Fenwick, OneTrust Head of ESG Center of Excellence

November 29, 2022 7 min

Learn more

Privacy & Data Governance

From Sapin II to Sapin III: France’s anti-corruption fight

Sapin III will soon expand the French commitment to detect and punish corruption – how will you and your compliance team need to adapt?

Kelly Maxwell

November 28, 2022 8 min

Learn more

GRC & Security Assurance

7 myths about SOC 2 compliance

Understand what your company needs to achieve SOC 2 compliance and protect customer data. Read more about the seven myths about SOC 2 compliance.

November 25, 2022 4 min

Learn more

Third-Party Risk

What every Chief Privacy Officer should know about third-party risk management

CPOs track risk via data mapping, in which data is discovered, assessed, and tracked as it flows throughout the organization, including to third parties.

Jason Koestenblatt, Team Lead, Content Marketing

November 18, 2022 6 min

Learn more

Ethics & Compliance

The role of disclosures in risk assessment and mitigation

An effective COI program will identify and mitigate these organizational risks through effective employee engagement, analysis, and periodic review.

Noshin Khan

November 17, 2022 5 min

Learn more

ESG & Sustainability

US Climate Risk Rule Could Affect More Than 5,700 Federal Suppliers | Blog | OneTrust

The US proposes a climate risk rule requiring major suppliers to disclose greenhouse gas emissions and set science-based emissions reduction targets.

Chris Fenwick

November 15, 2022 5 min

Learn more

ESG & Sustainability

The COP27 climate summit: What to expect and why it matters

The annual COP is the largest and most important climate action event of the year and is a critical step in prioritizing collective efforts to fight climate change. 

Chris Fenwick, OneTrust Head of ESG Center of Excellence

November 14, 2022 10 min

Learn more

Privacy & Data Governance

3 steps for mitigating the impact of ransomware attacks through data discovery

Ransomware attacks are costly to a company's bottom line and reputation, but having greater knowledge of your dataset can reduce the impact of an attack.

Bex Evans

November 09, 2022 5 min

Learn more

GRC & Security Assurance

SOC 2: starting your audit process

SOC 2 is a voluntary compliance standard for managing customer data while outlining the minimum requirements to maintain your customers' security.

November 09, 2022 4 min

Learn more

Ethics Program Management

Department of Justice: 2022 updates to corporate compliance guidance

After this year's DOJ updates, corporate compliance officers must update their executive teams and boards of directors on the new approach to enforcement.

Kelly Maxwell

November 08, 2022 8 min

Learn more

Privacy Management

The Ultimate Guide to PIPEDA Compliance

PIPEDA is a Canadian federal privacy law that aims to regulate the use of personal information in commercial activity by private-sector organizations.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

November 03, 2022 14 min

Learn more

Privacy & Data Governance

CCPA regulations: A timeline of amendments

Since its passing, the CCPA and its accompanying regulations have undergone several modifications. Here's your guide to understanding them better.

Param Gopalasamy

November 03, 2022 11 min

Learn more

GRC & Security Assurance

9-point framework for evaluating SOC 2 software

The founder of Fractional CISO, Rob Black, identified nine key considerations to guide the vendor evaluation process and reach your SOC 2 compliance goals. 

November 02, 2022 5 min

Learn more

Third-Party Risk

Thousands of RiskRecon grades now available in the OneTrust Third-Party Risk Exchange

We are partnering with RiskRecon, a Mastercard Company to make cybersecurity ratings available out-of-the-box to all Third-Party Risk Exchange customers.

Chet Devchand

November 01, 2022 3 min

Learn more

Privacy & Data Governance

US Privacy Masterclass: Your four essential questions answered

In this blog, we’ll go over questions around the GLBA, NIST, GPC, and PIAs in California and HIPAA and explain how your organization can comply.

Garrett Groos

October 31, 2022 4 min

Learn more

Privacy & Data Governance

Navigating the CPRA’s “Do Not Sell or Share” requirement

On January 1, 2023, the California Privacy Rights Act (CPRA) will expand and amend several aspects of the CCPA, including consumer rights.

Param Gopalasamy

October 28, 2022 5 min

Learn more

Privacy & Data Governance

Navigating the CPRA’s “Do Not Sell or Share” requirement

CCPA consumer rights such as the right to opt out of the sale of personal information, have resulted in critical challenges. Learn how OneTrust helps.

Param Gopalasamy

October 28, 2022 5 min

Learn more

Consent & Preferences

Use first-party data for a powerful digital experience

Collecting, managing, and activating first-party data will enhance customer experience by providing customers with the right experience at the right time.

Ashlea Cartee, Product Marketing Manager, Consent and Preferences

October 26, 2022 9 min

Learn more

GRC & Security Assurance

What are the ISO 27001 updates?

The International Organization for Standardization (ISO) released its first framework, the 27001, that outlined a cybersecurity foundation for businesses.

Jason Koestenblatt, Team Lead, Content Marketing

October 25, 2022 4 min

Learn more

GRC & Security Assurance

ISO 27001: Scoping and mandatory clauses

Prepare for ISO 27001 certification with a scope statement that defines your company’s information security management system.

October 24, 2022 3 min

Learn more

Third-Party Risk

Put a hold on hacks: Fight the phish and other emerging cyber threats

In 2021, there was a 62% global attack spike in ransomware (158% increase in North America), and an increased focus on attacks by regulatory bodies.

Jason Koestenblatt, Team Lead, Content Marketing

October 21, 2022 6 min

Learn more

Privacy & Data Governance

Is GDPR relevant for your US-based tech startup?

Learn about the pivotal EU law, GDPR, that could affect how your company approaches customer data protection and privacy US-based company.

October 19, 2022 2 min

Learn more

Ethics & Compliance

Holiday disclosures: Avoid conflicts of interest during gift-giving season 

With the season of holiday parties and corporate gifting around the corner, autumn and winter are jam-packed with potential conflicts of interest. 

Kelly Maxwell

October 18, 2022 5 min

Learn more

Introducing the New OneTrust Brand

The changes to our new OneTrust logo and brand identity represent the next era of our company as the market-defining leader in Trust Intelligence.

Lisa Campbell

October 12, 2022 2 min

Learn more

Privacy & Data Governance

OneTrust partners with Microsoft to enhance customer experience with Microsoft Intelligent Data Platform

OneTrust and Microsoft are partnering to expand the options available to Chief Data Officers (CDOs) to address this challenge of visibility and governance.

Chet Devchand, Head of Technology Partnerships

October 12, 2022 3 min

Learn more

Ethics & Compliance

Compliance best practices: Presenting to a board of directors

Giving a compliance presentation to the board of directors can be a nerve-wracking experience, but these ten guidelines will set you up for success.

Phillip Winterburn

October 11, 2022 9 min

Learn more

ESG Program Management

Embedding ESG transformation into the future enterprise

An organization's ability to demonstrate its ESG credentials transparently has become a vital business differentiator and a critical part of trust conversations.

Vladimir Kroa

October 10, 2022 6 min

Learn more

GRC & Security Assurance

What can and can’t be automated for SOC 2

Not all SOC 2 components can be automated, but those that can save your business time and money. Learn more about what can be automated for SOC 2.

October 05, 2022 4 min

Learn more

Carbon Accounting

Corporate climate goals: Building your net zero story

When addressing climate change impact across the enterprise, it's important to consider not only your internal impact, but external influences.

Julie Yamamoto, ESG Content Marketing Manager

October 04, 2022 11

Learn more

Third-Party Due Diligence

Triage: The first step for effective third-party due diligence

According to the DOJ’s guidance, it’s necessary to prioritize due diligence, questionnaires, and contracting with the third parties that present highest risk.

Jenna Thomas

September 29, 2022 4 min

Learn more

GRC & Security Assurance

What is a SOC 2 report?

Systems and Organization Controls 2  is an attestation that evaluates your company’s ability to securely manage the data you collect from your customers.

September 28, 2022 6 min

Learn more

Privacy & Data Governance

HIPAA vs. HITRUST: What’s the difference?

Learn how HIPAA and HITRUST frameworks compare, which is required for your information security compliance and protection of patient health information.

September 27, 2022 4 min

Learn more

Third-Party Risk

Why choose OneTrust for third-party management?

OneTrust simplifies third-party management by enabling control and visibility throughout the entire third-party lifecycle while you manage third parties.

Scott Solomon, Senior Manager, Product Marketing

September 23, 2022 5 min

Learn more

GRC & Security Assurance

How much does ISO 27001 certification cost?

Companies are choosing to adopt a trusted security framework, and ISO 27001, as a globally recognized certification, is the framework of choice for many. 

September 21, 2022 6 min

Learn more

GRC & Security Assurance

How to use your security program to win more deals

As more customers are concerned with data protection, a security-focused sales process can help win more deals.

September 21, 2022 2 min

Learn more

GRC & Security Assurance

HIPAA vs. GDPR compliance: what’s the difference?

HIPAA and GDPR are leading frameworks that protect the privacy of individuals. Learn the difference between the two.

September 21, 2022 6 min

Learn more

GRC & Security Assurance

6 questions, 2 InfoSec directors: Your policy management answers

In a OneTrust-hosted webinar, we discussed the common pitfalls of policy management for InfoSec teams with the Director of Information Security at Arcadia.

Jason Koestenblatt

September 21, 2022 8 min

Learn more

Privacy & Data Governance

US privacy masterclass 2.0: webinars + roadshows

Get the latest information about updated consumer rights, expanded employee rights, and privacy risk assessments, and learn to operationalize them.

Anne Kenyon

September 20, 2022

Learn more

Privacy & Data Governance

Children’s online safety at the forefront of California law

California's new law, AB 2273, known as the California Age-Appropriate Design Code Act (CAADCA), protects minors and their data on the Internet.

Ojas Rege

September 20, 2022 3 min

Learn more

GRC & Security Assurance

Understanding ISO 27001 Annex A Controls | Blog | OneTrust

Learn the key points of ISO 27001 Annex A controls and how they affect the overall audit process for your organization.

September 15, 2022 5 min

Learn more

GRC & Security Assurance

What is Statement of Applicability?

Your Statement of Applicability for ISO 27001, otherwise known as your SoA, is a mandatory step for anyone planning on pursuing ISO 27001 certification.

September 14, 2022 6 min

Learn more

GRC & Security Assurance

What is change management?

A defined change management process enables your organization to mitigate risk and reduce disruption.

September 14, 2022 4 min

Learn more

GRC & Security Assurance

SyncMonkey saves $100K, hundreds of hours with SOC 2 compliance automation

Centralized information management system SyncMonkey took a proactive approach to security by investing in certification automation

September 13, 2022 3 min

Learn more

Internal Audit Management

ISO 27001 vs. NIST Cybersecurity Framework

ISO 27001 and NIST CSF are two cybersecurity guidelines with significant overlap. Learn how they work together to increase information security

September 12, 2022 5 min

Learn more

Internal Audit Management

Understanding your auditor’s SOC 2 report opinion

Learn the four types of SOC 2 report opinions during the audit process and what they mean to your business and customers.

September 12, 2022 4 min

Learn more

Privacy & Data Governance

CPRA employee privacy rights moving ahead

The CPRA will extend new rights for employees which will present a unique set of challenges for organizations. Read the blog to learn more.

Tess Macapinlac, OneTrust Lead Privacy Counsel

September 08, 2022 5 min

Learn more

Governance & Policy Management

HIPAA vs. ISO 27001: What’s the difference?

HIPAA and ISO 27001 are complementary frameworks that form an undeniably strong security posture

September 08, 2022 4 min

Learn more

GRC & Security Assurance

Building an information security program from scratch

In this blog, we’ll discuss the three stages of building your InfoSec program in more understandable terms, so you can get started getting more secure.

September 07, 2022 6 min

Learn more

Ethics & Compliance

Compliance program performance metrics: How to measure compliance

Effectively Measuring compliance can prevent reputational damage, protect the bottom line, and potentially avoid costly fines and enforcement action.

Kelly Maxwell

September 07, 2022 7 min

Learn more

Internal Audit Management

The ISO 27001 audit process

An ISO 27001 audit ensures your organization has the necessary information security management and relevant policies in place

September 07, 2022 5 min

Learn more

Carbon Accounting

What are scope 1, 2, and 3 emissions?

The GHG Protocol Corporate Standard defines three types of GHG emissions - Scope 1 (direct emissions) and Scope 2 and Scope 3 (indirect emissions).

Julie Yamamoto, ESG Content Marketing Manager

September 06, 2022 14 min

Learn more

Third-Party Risk

Reduce unnecessary risk with third-party risk management controls

As more tasks are outsourced to third-party providers, risk management programs become critical to securing sensitive data

September 03, 2022 4 min

Learn more

ESG & Sustainability

Jump start your ESG program and reporting in 5 easy steps

ESG programs can be challenging to build and manage as they cross organizational boundaries and have multiple internal and external stakeholders.

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

August 31, 2022 5 min

Learn more

Ethics & Compliance

How to comply: German Supply Chain Due Diligence Act and forthcoming EU rules

New regulations around the world are focused on human rights, environmental risks, and labor rights, creating a new set of obligations for companies.

Kelly Maxwell, Content Marketing Specialist, OneTrust

August 29, 2022 7 min

Learn more

Consent & Preferences

How does consent affect data retention?

Organizations must be able to justify and maintain meticulous records of how and why they’re using data downstream from the point of collection.

Ashlea Cartee, OneTrust Product Marketing Manager, Consent and Preferences

August 29, 2022 5 min

Learn more

ESG & Sustainability

The corporate carbon footprint: a quick guide

A company’s Corporate Carbon Footprint (CCF), is the total amount of GHG emissions that are directly or indirectly caused by a company’s activities.

Marc Issel, Director of Carbon Intelligence, OneTrust

August 25, 2022 7 min

Learn more

Consent & Preferences

Global Privacy Control: How to honor consumer opt-out requests

The Global Privacy Control (GPC) empowers users to signal their chosen privacy settings to websites and services through their browser. 

Alex Cash, OneTrust Director of Strategy

August 25, 2022 2 min

Learn more

Data Discovery & Security

6 questions to ask yourself when building a Data Governance framework

Let’s explore building your own data governance framework, including the benefits and questions to ask yourself and your team when undergoing the process. 

Kevin Jones

August 19, 2022 4 min

Learn more

Privacy & Data Governance

Top 4 benefits of Data Governance tools

Data governance tools can help you enhance the privacy, security, and integrity of your data while adding value to your business.

Kevin Jones, Director, Product Management, Privacy & Data Governance Cloud

August 17, 2022 5 min

Learn more

Trust Intelligence

Your ultimate guide to careers at OneTrust

OneTrust is a team of people who are collectively passionate about innovation and technology while supporting career development and growth.

August 11, 2022

Learn more

Cookie Consent

August cookie complaints from noyb: What you need to know

On August 9, 2022, Max Schrems’ noyb lodged 226 GDPR-related complaints with 18 authorities against websites for cookie banner compliance.

Ojas Rege

August 10, 2022 2 min

Learn more

Ethics & Compliance

Whistleblower risk for private companies

Privately-owned companies in the U.S. and Europe are potential targets for the Sarbanes-Oxley Act (SOX) and EU Directive retaliation lawsuits.

August 04, 2022 8 min

Learn more

Consent & Preferences

Google delays deprecation of cookies until 2024

On July 27, 2022, Google announced that they are postponing the deprecation of third-party cookies on Google Chrome to 2024. Here's what to know.

Ashlea Cartee

August 01, 2022 3 min

Learn more

Privacy & Data Governance

The ADPPA advances to the house floor

The ADPPA is emerging to have the strongest chance of success after being passed after the House Energy and Commerce Committee voted 53-2 in its favor. 

Alexis Kateifides

July 21, 2022 3 min

Learn more

Privacy & Data Governance

Policy attestation: If you can’t measure it, you can’t manage it

A successful policy management program will help you establish governance, achieve compliance, and reduce business risk.

Michele Muriyan, Product Marketing Manager, GRCP

July 21, 2022 4 min

Learn more

Privacy & Data Governance

Comparing ISO 37002 and the EU Whistleblower Directive

The ISO 37002 is a framework for setting up and maintaining a whistleblowing hotline that adheres to the highest standards as outlined by the ISO.

Kelly Maxwell

July 19, 2022 3 min

Learn more

ESG & Sustainability

ESG 101: What does social in ESG mean?

This ESG 101 blog takes a closer look at the Social in ESG: what it is, why social impact is important, and how to map it to Sustainable Development Goals.

Jamie Molnar

July 12, 2022 13 min

Learn more

Privacy & Data Governance

The California Privacy Protection Agency (CPPA) files notice of proposed rulemaking for the CPRA

The CPPA announced on July 8, 2022, that it is beginning the process to adopt regulations to implement the Consumer Privacy Rights Act of 2020 (CPRA).

Alexis Kateifides, OneTrust Senior Center of Excellence Counsel

July 11, 2022 2 min

Learn more

Third-Party Due Diligence

How to manage and measure third-party risk

To become a trust-based business, protect your brand's reputation, and ensure compliance, you'll need to vet and monitor your third-party relationships. 

Kelly Maxwell

July 10, 2022 6 min

Learn more

Privacy & Data Governance

The top 6 data governance best practices

We will look at the top six best data governance practices to ensure your organization's program delivers and is efficient and effective.

Sam Gillespie, OneTrust Offering Manager, Privacy & Data Governance

July 08, 2022 4 min

Learn more

Ethics & Compliance

Wendy Addison and LeisureNet: A Whistleblower’s story of Retaliation

After blowing the whistle on South Africa's LeisureNet, Wendy Addison lost her job, survived poverty, and spent decades rebuilding her life and career.

Kelly Maxwell, Content Marketing Specialist, OneTrust

July 07, 2022 7 min

Learn more

Ethics & Compliance

The EU Whistleblower Directive and GDPR: How to protect whistleblowing data

It’s essential that your organization's whistleblowing processes account for the requirements of both GDPR and the EU Whistleblower Directive.

Jenna Thomas

July 05, 2022 4 min

Learn more

GRC & Security Assurance

What are the benefits of a GRC management tool?

GRC tools eliminate the worry of managing regulatory requirements and provide actionable insights to improve your GRC approach, aligning key risk initiatives.

Kaitlyn Archibald

June 30, 2022 4 min

Learn more

Ethics & Compliance

Finding a hotline vendor that will help you comply with the EU Whistleblower Directive

There are 7 key elements that you can use to evaluate potential vendors or measure your current hotline provider to comply with EU Whistleblower Directive.

Jenna Thomas, Content Marketing Manager, Ethics

June 29, 2022 8 min

Learn more

Consent & Preferences

OTT & CTV Consent: Providing streamers control over choices

As a result of OTT/CTV’s precise targeting capabilities and addressability, advertisers can tap into significant opportunities through this particular advertising medium.

Ashlea Cartee, OneTrust Product Marketing Manager, Consent & Preferences

June 28, 2022 5 min

Learn more

ESG & Sustainability

Trust geek glossary: SBTi – Science Based Targets initiative

The Science Based Targets initiative is a coalition that promotes SBTs to facilitate and strengthen business participation in the shift to a net-zero economy.

Julie Yamamoto

June 23, 2022 11 min

Learn more

Ethics & Compliance

How to support and protect whistleblowers on World Whistleblower Day and beyond

June 23 marks World Whistleblower Day, highlighting whistleblowers' importance in fighting corruption along with ways to support these brave individuals.

June 22, 2022 7 min

Learn more

Ethics & Compliance

The EU Whistleblower Protection Directive: Retaliation and the Reverse burden of proof

Your company likely has an anti-retaliation policy, but is it enough to meet the new requirements within the EU Whistleblower Protection Directive?

Kelly Maxwell, Content Marketing Specialist, OneTrust

June 16, 2022 6 min

Learn more

Privacy & Data Governance

5 privacy milestones to prepare for in 2023

Our team of regulatory experts monitors the global privacy landscape to interpret what current trends and milestones mean for maturing privacy programs.

Ryan Edge

June 14, 2022 7 min

Learn more

Ethics & Compliance

Treat your Code of Conduct like a marketing campaign

Thinking like a marketer will help push users to enact certain behaviors and drive engagement to your Code of Conduct and improve compliance.

June 13, 2022 7 min

Learn more

Third-Party Risk

10 steps to improving your security questionnaire responses

The information gathered from security questionnaires is critical in the evaluation of business and security practices, and is crucial for compliance.

Daniela Villarreal

June 12, 2022 7 min

Learn more

ESG & Sustainability

ESG 101: What are ESG topics?

This ESG blog series defines ESG and sustainability: what are ESG topics, why are they important, and how to map the three pillars of a sustainable business.

Julie Yamamoto, ESG Content Marketing Manager

June 09, 2022 10 min

Learn more

OneTrust organizational update

Due to the downturn in the capital markets, OneTrust reduced its workforce by 25% in June 2022, laying off 950 employees worldwide.

June 09, 2022 4 min

Learn more

Privacy & Data Governance

Your 2023 privacy strategy checklist​

As you prepare for what’s ahead, OneTrust’s team of experts has rounded up the most significant considerations for your privacy strategy in 2023 and beyond.

Ryan Edge, Director of Strategy | CIPP/E, CIPM

June 08, 2022 8 min

Learn more

Ethics & Compliance

Gifts, travel, and entertainment (GT&E) policies

Avoid the pitfalls of a manual GT&E policy and disclosure management process, going on the offensive with OneTrust's fully integrated platform.

Kelly Maxwell

June 07, 2022 6 min

Learn more

Privacy & Data Governance

Differences between Google's Data Safety and Apple's Nutrition Label

Read our blog to learn about the differences between Google Data Safety and Apple Nutrition Labels requirements and why it matters.

June 07, 2022 8 min

Learn more

Consent & Preferences

4 questions with OneTrust’s Chief Marketing Officer & Tech Trailblazer, Lisa Campbell

To congratulate Lisa on winning 2022 Tech Trailblazer, we sat down to discuss her journey to becoming a "Tech Trailblazer" and why building trust is essential. 

June 07, 2022 4 min

Learn more

Privacy & Data Governance

Bipartisan US Federal Privacy Bill submitted to the House of Representatives

On June 3, 2022, a draft of a comprehensive federal privacy bill, known as the American Data Privacy and Protection Act (ADPPA) was released.

Alexis Kateifides, Senior Center of Excellence Counsel | FIP, CIPM, CIPP/E

June 05, 2022 9 min

Learn more

Privacy & Data Governance

Building brand trust through Consent Governance

Learn how to set up a consent governance strategy across your organization to achieve privacy-centric data capture, distribution, and activation.

Ashlea Cartee

June 03, 2022 6 min

Learn more

Data Discovery & Security

4 steps to set up your data governance program

Let's go through four steps you can take to set up your data governance program effectively by leveraging the right tools and technologies.

Sam Gillespie, Data Governance Offering Manager

May 27, 2022 4 min

Learn more

ESG & Sustainability

IFRS outlines next steps for consolidating ESG disclosure standards

IFRS releases more details on integration of VRF as part of consolidating Environmental, Social, and Governance (ESG) disclosure standards.

Chris Fenwick, ESG Program Director,

May 26, 2022 5 min

Learn more

Privacy & Data Governance

How 4 years of GDPR has changed the privacy landscape

The introduction of the GDPR marked a new age in data protection legislation, opening the door to a growing global regulatory landscape.

Alexis Kateifides, Senior Center of Excellence Counsel

May 25, 2022 5 min

Learn more

TrustWeek 2022 Award winners announced

The TrustWeek 2022 Award Winners have been announced! The OneTrust team came together to recognize our bright and talented customers.

May 25, 2022 5 min

Learn more

Trust Intelligence

See the New Trust Intelligence Platform in action

Take a closer look at The Trust Intelligence Clouds, dedicated to solving today’s critical business challenges around trust and transparency

May 24, 2022 3 min

Learn more

Privacy & Data Governance

Announcing the OneTrust Privacy & Data Governance Cloud

OneTrust is excited to unveil the Privacy and Data Governance Cloud, empowering organizations to go beyond compliance and enable trusted data use.

Ryan Edge

May 24, 2022 7 min

Learn more

ESG & Sustainability

Announcing the OneTrust ESG & Sustainability Cloud

The OneTrust ESG and Sustainability Cloud empowers you to drive change, demonstrate impact, and foster trust through enhanced transparency.

Benedikt Franke

May 24, 2022 5 min

Learn more

Ethics & Compliance

Announcing the OneTrust Ethics & Compliance Cloud

The OneTrust Ethics and Compliance Cloud enables ethics, compliance, HR, and legal teams to unite people, process, and technology.

Philip Winterburn

May 24, 2022 7 min

Learn more

GRC & Security Assurance

Announcing the OneTrust GRC and Security Assurance Cloud

OneTrust launches holistic GRC and Third-Party Management solutions for proactive cybersecurity and compliance practices.

Cliff Huntington

May 24, 2022 7 min

Learn more

Trust Intelligence

Your guide to the Trust Intelligence Platform from OneTrust

The Trust Intelligence Platform delivers visibility across trust domains, action based on AI and regulatory intelligence, and automation to build trust by design.

Blake Brannon, OneTrust Chief Strategy Officer

May 24, 2022 6 min

Learn more

Privacy & Data Governance

"OneTrust was the only one we could rely on": Customers put trust at the forefront

Food delivery, convenience stores, and healthcare, to live entertainment - learn how customers are making trust the center of their business.

John Ville

May 24, 2022 2 min

Learn more

Trust Transformation

Trust Transformation starts here

OneTrust launched the world's first Trust Intelligence Platform to empower companies and organizations on their trust transformation.

Blake Brannon

May 24, 2022 2 min

Learn more

GRC & Security Assurance

New regulations push cyber resiliency on supply chain, FinServ industries

May 2022 cybersecurity regulation updates have brought four key legislations across US and EU regulatory bodies to our attention. Learn more.

Justin Henkel, Head of CISO Center of Excellence, OneTrust

May 23, 2022 5 min

Learn more

Speak-Up Program Management

How to outsource your whistleblower hotline

A dedicated whistleblower hotline is a vital tool for increasing organizational trust and strengthening your speak-up culture.

Phillip Winterburn, Principal, Product Marketing and Strategy, Ethics

May 20, 2022 5 min

Learn more

Third-Party Risk

OneTrust Third-Party Risk Exchange now provides SecurityScorecard Cybersecurity Rating

OneTrust is expanding its partnership with SecurityScorecard to enable Third-Party Risk Exchange customers to view complementary Cybersecurity Ratings.

Scott Solomon

May 17, 2022 4 min

Learn more

Data Discovery & Security

EU Data Governance Act approved by Council

The EU Data Governance Act aims to increase trust in data sharing, data intermediation services, and encourage data altruism in the EU.

Robb Hiscock, Content Marketing Specialist, CIPM, CIPP/E

May 16, 2022 5 min

Learn more

OneTrust selected by Samsung Ads for CMP rollout across Samsung TV Plus service in Europe

Samsung Ads, the advertising division of Samsung Electronics, has tapped OneTrust Consent and Preferences across Samsung TV Plus in Europe.

Ashlea Cartee, Consent and Preferences Product Marketing Manager

May 13, 2022 4 min

Learn more

ESG & Sustainability

3 ways to include employee mental health as part of your ESG program

Find out how to prioritize employee mental health as part of your ESG program to build trust with employees and other stakeholders.

Sophie Hitchman-Smith, Corporate Communications at OneTrust

May 11, 2022 8 min

Learn more

Privacy & Data Governance

Thai PDPA compliance: the ultimate guide

The ultimate guide to Thai PDPA compliance highlights key requirements for organizations processing personal data in Thailand.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

May 09, 2022 9 min

Learn more

ESG & Sustainability

CDP vs SASB vs GRI sustainability reporting standards

Compare three major ESG reporting frameworks and sustainability reporting standards side-by-side: CDP vs. SASB vs. GRI.

Julie Yamamoto, ESG Content Marketing Manager

May 06, 2022 5 min

Learn more

Ethics Program Management

Engage, delight, and surprise: Switching from a static to interactive code of conduct

Learn how to replace outdated, lengthy, static PDF compliance documents with an Interactive Code of Conduct employees will actually read.

May 05, 2022 11 min

Learn more

GRC & Security Assurance

How are you measuring InfoSec KRIs and cybersecurity metrics?

Avoid analysis overload with focused risk and performance indicators

Kaitlyn Archibald

May 04, 2022 7 min

Learn more

Cookie Consent

Capture first-party data in a cookieless world

With the deprecation of third-party cookies in 2023, marketers and advertisers are examining what's next for their first-party data strategies.

Ashlea Cartee

May 03, 2022 6 min

Learn more

Privacy Management

Rethinking vendor risk assessments: The shift to risk analytics and control gap analysis

Why and how are businesses rethinking vendor risk assessments, risk analytics and control gap analysis? Learn more in our blog.

Scott Solomon, Product Marketing Lead, OneTrust | CIPM, CIPP/E

May 03, 2022 3 min

Learn more

Data Discovery & Security

Connecticut Data Privacy Act (CTDPA) signed into law

Connecticut is the 5th state in the US to pass a comprehensive privacy law, the Connecticut Data Privacy Act, or, CTDPA.

Alexis Kateifides

May 02, 2022 4 min

Learn more

ESG & Sustainability

Trust Geek Glossary: Global Reporting Initiative – GRI reporting

Global Reporting Initiative 101: A practical guide to GRI reporting, what it is, how the GRI Standards work, who uses it, and more.

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

April 28, 2022 8 min

Learn more

Data Discovery & Security

The top 3 challenges of unstructured data (and how to handle them)

Businesses have a semi-structured data model, made up of two types of data: unstructured data and structured data, exposing them to the risk of data loss.

April 26, 2022 4 min

Learn more

Privacy & Data Governance

Provisional agreement reached on the EU Digital Services Act

The Digital Services Act (DSA) aims to legislate against the spread of illegal content and protect the fundamental rights of EU citizens.

Robb Hiscock

April 25, 2022 4 min

Learn more

Speak-Up Program Management

Q&A: DFSA launches new Whistleblowing regime in Dubai

The Dubai Financial Services Authority (DFSA) announced and implemented a new regulatory regime to protect whistleblowers.

Jenna Thomas, Content Marketing Manager, Ethics

April 25, 2022 4 min

Learn more

Privacy & Data Governance

Global Cross-Border Privacy Rules (CBPR) forum established

With data privacy regulations popping up more frequently than ever, the Global Cross-Border Privacy Rules (CBPR) Forum was just launched.

Alexis Kateifides, Senior Center of Excellence Counsel

April 21, 2022 3 min

Learn more

GRC & Security Assurance

Streamline COI disclosures with this simple template

Download a simple conflict of interest disclosure template and learn how to effectively manage COIs with OneTrust.

Kirby Kelly, Content Marketing Specialist

April 20, 2022 5 min

Learn more

Technology Risk & Compliance

8 best practices for answering security questionnaires

Follow OneTrust's eight security questionnaire best practices to prioritize holistic data gathering across your vendor ecosystem.

Brianna Smith, Content Marketing Specialist, OneTrust | GRCP

April 20, 2022 4 min

Learn more

Privacy Automation

The necessary evolution of privacy program automation

Privacy program automation reduces manual, time-consuming, and often disjointed compliance and governance processes. Read on to learn more.

Ryan Edge, Director of Strategy | CIPP/E, CIPM

April 19, 2022 5 min

Learn more

ESG & Sustainability

Trust Geek Glossary: Understanding SASB standards

Learn about all things Sustainability Accounting Standards Board: the SASB materiality map, SASB standards, why financial materiality matters, and more.

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

April 18, 2022 9 min

Learn more

Privacy & Data Governance

The top 4 data governance principles

With the amount of data and metadata aggregated and collected by companies growing by the day, make sure that it's managed effectively. 

Sam Gillespie, Data Governance Offering Manager, OneTrust

April 15, 2022 3 min

Learn more

ESG & Sustainability

Trust Geek Glossary: What is CDP?

Find out what the CDP (Carbon Disclosure Project) reporting framework is, how it works, who uses it and the benefits of a CDP report.

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

April 13, 2022 7 min

Learn more

Technology Risk & Compliance

Best practices for building your Security questionnaire answer & Document library

In this blog, we outline five best practices to help organizations build and manage a security questionnaire answer and document library.

Scott Solomon, Product Marketing Lead, OneTrust | CIPM, CIPP/E

April 13, 2022 3 min

Learn more

ESG & Sustainability

New TCFD ESG disclosure requirements in Canada and the UK

TCFD ESG disclosure requirements: Canada and the U.K. join a growing list of countries adopting TCFD reporting mandates.

Phil Redman, Director, OneTrust ESG

April 12, 2022 6 min

Learn more

Data Discovery & Security

The ultimate guide to data governance

To manage your data effectively, you need a data governance solution that protects the privacy of the data and adds value to your business.

Sam Gillespie

April 12, 2022 7 min

Learn more

Ethics & Compliance

Adopt these engaging compliance trainings to reinforce company culture and values

Develop an ethics and compliance training program that meets legal requirements and engages your employees, while covering all the essentials.

Kelly Maxwell, Content Marketing Specialist, OneTrust

April 09, 2022 8 min

Learn more

Speak-Up Program Management

Effective conflict of interest disclosure management

Are you managing conflict of interest disclosures or COI effectively? Learn how to improve disclosure management and minimize risk with OneTrust.

April 08, 2022 6 min

Learn more

Cookie Consent

Cookie Consent performance series: server-side rendering

Leveraging a CMP that loads server-side positively impacts website performance, provides a user-friendly experience, and helps you stay compliant.

Ashlea Cartee

April 06, 2022 4 min

Learn more

Technology Risk & Compliance

How-to guide: Get started responding to security questionnaires

Responding to security questionnaires is time-consuming. Follow our security questionnaire guide to save time on your next questionnaire.

Brianna Smith, Content Marketing Specialist, OneTrust | GRCP

April 06, 2022 4 min

Learn more

Third-Party Risk

Java framework ‘Spring4Shell’ vulnerability leads to potential exploit

A zero-day Java vulnerability, "Spring4Shell" surfaced and experts believe it could be as impactful as 2021's Log4j. Read to learn more.

Justin Henkel, Head of CISO Center of Excellence

April 04, 2022 3 min

Learn more

ESG Program Management

Global ESG disclosure standards are edging closer with IFRS proposals

The proposed IFRS sustainability disclosure standards bring us closer to a globally consistent, common set of ESG disclosure standards.

Chris Fenwick

April 04, 2022 5 min

Learn more

Privacy & Data Governance

Japan’s amended APPI comes into effect

The Amendment Act, including data breach reporting and stricter data transfers, was approved to the current Act on the Protection of Personal Information. 

Andrew Clearwater, OneTrust, Chief Trust Officer

April 01, 2022 3 min

Learn more

Ethics & Compliance

How a Speak-Up culture can help you mitigate risk

Unpack the strategic value of a speak-up culture, how to improve it, and how it can become your early warning system for challenges.

Kelly Maxwell, Content Marketing Specialist, OneTrust

March 31, 2022 4 min

Learn more

Privacy & Data Governance

Explainer: Data localization and the benefit to your business

As a growing number of regulators call for tighter data localization requirements, keeping up with data localization laws can be a challenge.

Robb Hiscock, Content Marketing Specialist, CIPP/E, CIPM

March 30, 2022 5 min

Learn more

Privacy Management

Who owns third-party risk: Breaking down management and compliance silos

Without visibility and oversight across the third-party landscape, risk to your business will become untenable.

March 29, 2022 5 min

Learn more

Transform personalized experiences with preference management

Preference management empowers consumers to take control of their relationship with a brand, providing users with more power to control their privacy.

Jamie Molnar, Director, Product Marketing

March 28, 2022 6 min

Learn more

Data Discovery & Security

Agreement in principle made on new EU-US framework for transatlantic data flows

EU and US negotiators have been working towards a solution for EU-US data flows since the invalidation of the EU-US Privacy Shield.

March 25, 2022 3 min

Learn more

Ethics & Compliance

How to measure speak-up culture

Identify areas for improvement and spaces to celebrate successful culture building through quantitative and qualitative measurements.

Kelly Maxwell, Content Marketing Specialist, OneTrust

March 25, 2022 7 min

Learn more

Privacy & Data Governance

Utah Consumer Privacy Act (UCPA) signed into law

On March 24, 2022, the UCPA was signed into law by Governor Spencer Cox, becoming the latest addition to comprehensive state privacy laws in the US.

March 24, 2022 5 min

Learn more

Privacy & Data Governance

ICO International Data Transfer Agreement takes effect

The ICO International Data Transfer Agreement and Addendum to EU SCCs took effect on March 21, 2022. Read the blog to learn more.

March 23, 2022 4 min

Learn more

ESG & Sustainability

Carbon offsets 101: A guide for going climate neutral

Carbon offsets: Learn more about offsets, how they work, how they can help companies go climate neutral, and how they help protect forests.

Julie Yamamoto

March 21, 2022 15 min

Learn more

ESG & Sustainability

5 things to know about forthcoming SEC ESG disclosures

The proposed SEC ESG disclosures rule would require public companies to disclose GHG emissions and other climate change risks.

March 21, 2022 4 min

Learn more

Privacy & Data Governance

Regulatory compliance: Best practices to meet the updated guidelines

In an evolving landscape, regulatory compliance is key. So how do you check the boxes—and go beyond? Learn how on the OneTrust blog.

March 21, 2022

Learn more

ESG & Sustainability

4 things to look for in your ESG software

The right ESG software tools can help organizations manage environmental, social, and governance expectations more efficiently and intelligently.

March 16, 2022 7 min

Learn more

Ethics & Compliance

How to build a speak-up culture

Increase the number of reports you receive and build a stronger Speak-Up Culture by implementing these strategies and practical initiatives.

Kelly Maxwell

March 15, 2022 7 min

Learn more

Privacy & Data Governance

TrustWeek 2022 agenda: Kickstart your trust journey

TrustWeek 2022 brings together thought leaders across Privacy and Data Governance, GRC and Security Assurance, Ethics, and ESG & Sustainability.

March 15, 2022 8 min

Learn more

Third-Party Due Diligence

What is the German Supply Chain Due Diligence Act?

The German Supply Chain Due Diligence Act is designed to enhance risk management throughout the third-party supply chain.

March 14, 2022 5 min

Learn more

Ethics & Compliance

Measuring organizational trust: The What, Why, and How

What is organizational trust, why does it matter, and how do you measure it? Learn more about an ethics-driven approach to trust.

March 11, 2022 4 min

Learn more

Privacy & Data Governance

European Data Protection Board adopts guidelines on codes of conduct

On March 4, 2022, the EDPB announced that it had adopted its final guidelines on codes of conduct for data transfers under the GDPR.

March 09, 2022 6 min

Learn more

Ethics & Compliance

Trust culture and Organizational behavior

Every day and every interaction becomes another opportunity to showcase your company's commitment to honesty, integrity, and justice.

Kelly Maxwell, Content Marketing Specialist, OneTrust

March 09, 2022 6 min

Learn more

Third-Party Risk

OneTrust becomes only IT VRM vendor to receive the Gartner Peer Insights™ Customers’ Choice Distinction for three years in a row

OneTrust has been named a Customers' Choice in the 2022 Gartner Peer Insights ‘Voice of the Customer': IT Vendor Risk Management Tools.

March 08, 2022 6 min

Learn more

GRC & Security Assurance

Strengthening American Cybersecurity Act passes in US

Digital transformation makes cybersecurity critical to protect the organization, maintain resilience, and compete in today's digital business environment.

March 04, 2022 3 min

Learn more

Third-Party Risk

Answer any security questionnaire with enhanced cell detection for Questionnaire Response Automation

Introducing QRA cell detection – a powerful QRA enhancement that eases the spreadsheet-based questionnaire response process for vendors.

March 02, 2022 2 min

Learn more

Privacy & Data Governance

Building a GDPR privacy program for small businesses

Small businesses need to develop GDPR privacy programs to protect personal data, build consumer trust, and avoid penalties for non-compliance.

March 01, 2022 9 min

Learn more

Privacy & Data Governance

EDPB issues opinion on EU-US Data Privacy Framework

President Joe Biden issued an Executive Order on the new EU-US DPF, allowing for the enhanced protection of transferred personal information.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

February 28, 2022 8 min

Learn more

ESG & Sustainability

Protecting Today to sustain Tomorrow. Get to know OneTrust ESG.

OneTrust has been named a Leader in The Forrester New WaveTM: Sustainability Management Software, Q1 2022, by Forrester Research, Inc.

February 24, 2022 3 min

Learn more

Privacy & Data Governance

EU Data Act: New rules proposed on data access

On February 23, 2022, the European Commission proposed a regulation on the use and access of data stemming from the EU (EU Data Act).

February 23, 2022 3 min

Learn more

ESG & Sustainability

Audit, Measure, and Report on your portfolio companies’ ESG metrics with ESG investor portfolio management

Audit, measure, and report on your portfolio companies' Environmental, Social, and Governance metrics with OneTrust ESG Investor Portfolio Management.

February 22, 2022 3 min

Learn more

Privacy & Data Governance

EU-US data transfers: Is BYOK the answer?

EU-US data transfers continue to cause organizations problems following the Schrems II decision. Is Bring Your Own Key the solution?

February 21, 2022 5 min

Learn more

Privacy Management

How a chief trust officer can help Your business build and manage customer trust

A Chief Trust Officer (CTrO) helps the business fulfill its promises to customers and stakeholders on security, privacy, data, ethics, and ESG.

Andrew Clearwater

February 17, 2022 7 min

Learn more

ESG & Sustainability

ESG reporting and why is it important

Understand why publishing corporate ESG reports is vital to customers, employees, and investors who want to know what your impact is in this area.

February 16, 2022

Learn more

Privacy & Data Governance

EDPB launches coordinated enforcement action into use of cloud services by public bodies

The EDPB launched its first coordinated enforcement action on the use of cloud services in the public sector across the EU.

February 15, 2022 4 min

Learn more

Third-Party Risk

Mastering the TPRM lifecycle

Third-party risk management is key to any business. Learn how to master the TPRM lifecycle across your organization in our newest video blog!

February 14, 2022 2 min

Learn more

Privacy Management

The ultimate guide to LGPD compliance

Brazil's General Personal Data Protection Law (LGPD) entered into force on September 18, 2020. Read the blog to learn more about LGPD compliance.

February 11, 2022 12 min

Learn more

Consent & Preferences

Deliver dynamic consent experiences using audience logic

Using Audience Logic functionality with consent management, tailors unique digital experiences based on persona, demographics, or channels.

February 11, 2022 4 min

Learn more

OneTrust opens TrustWeek 2022 registration

Join us for TrustWeek 2022, OneTrust's fifth annual user conference—with live, in-person global events and a robust virtual experience.

February 10, 2022 4 min

Learn more

Trust Intelligence

Trust & the CISO: The role of trust in the evolution of IT & security

What is CISO trust? As companies face more risk vectors than ever before, establishing trust is critical for the CISO. Read to learn more.

February 09, 2022 7 min

Learn more

Consent & Preferences

2022 Modernizing marketing strategy series: Data transparency

Data transparency creates trust, and that trust leads to customer loyalty—a winning strategy for building lasting relationships with buyers.

Ashlea Cartee, Product Marketing Manager, OneTrust

February 08, 2022 4 min

Learn more

Data Discovery & Security

Automating data classification and mapping to embed data context into operations

Accurately classifying data gives your organization a clearer picture of the regulatory requirements attached to it. Get Started with OneTrust Data Discovery.

February 07, 2022 7 min

Learn more

Get to know: OneTrust’s channel chief Gordy Wyatt

Gordy Wyatt, OneTrust's North America Channel Director, has been named a 2022 CRN Channel Chief. Learn more about OneTrust's partner program.

February 07, 2022 4 min

Learn more

Third-Party Risk

Buy-In Guide: Making the case for TPRM software

Make the business case for TPRM in your organization and get access to our TPRM buy-in guide to learn how! Read the blog to learn more.

February 04, 2022 4 min

Learn more

Consent & Preferences

2022 Modernizing marketing strategy series: Oracle & OneTrust

Oracle and OneTrust are teaming up to provide strategic guidance for building a powerful and modern marketing strategy in 2022.

Ashlea Cartee, Product Marketing Manager, OneTrust

February 01, 2022 2 min

Learn more

Privacy Management

Automated data mapping FAQs

We recently discussed the benefits of an automated data map. In this article, we answer the most popular questions from the audience.

Ryan O'Connor, Solutions Engineer, Privacy

January 31, 2022 4 min

Learn more

Privacy & Data Governance

Your guide to celebrating Data Privacy Day

January 28 is Data Privacy Day, the international day to empower people and businesses to respect privacy and build trust.

January 28, 2022 6 min

Learn more

Privacy Automation

4 steps to enhance your DSAR process with redaction

This video walks through the steps your organization can take to enhance your DSAR process with automation, including redaction.

January 26, 2022 1 min

Learn more

Third-Party Risk

The shift to third-party management (TPM): What is TPM and why does it matter?

Third-Party Trust Management (TPTM) is the next evolution of third-party risk and is key enterprise trust strategy. Learn more in our blog!

January 25, 2022 9 min

Learn more

Privacy Management

iOS app account deletion FAQs

In this article, we answer your most frequently asked iOS app account deletion requirement questions. Learn more about the impacts.

January 24, 2022 3 min

Learn more

Privacy & Data Governance

How OneTrust uses OneTrust for data privacy

How can privacy teams keep tabs on operational goals while juggling strategic planning? By effectively utilizing the resources available.

January 24, 2022 7 min

Learn more

Privacy Automation

Why you should automate data retention policies

By operationalizing data retention, organizations can take another step towards securing consumer trust and demonstrating compliance.

January 20, 2022 5 min

Learn more

Privacy & Data Governance

Austrian DPA’s Decision in Analytics Services Provider Case

The Austrian DPA issued a decision in the analytics provider case finding that an EU website operator had violated Article 44 of the GDPR.

January 18, 2022 6 min

Learn more

Consent & Preferences

Zero-party data collection

Learn how to capture and manage zero and first-party data using OneTrust Consent & Preference Management as we approach the end of third-party cookies.

January 18, 2022 4 min

Learn more

Cookie Consent

Cookie Consent performance series: part 2 – Global CDN & asynchronous loading

Implementing a CMP that uses a balanced global CDN system paired with asynchronous loading is crucial to your business.

January 14, 2022 4 min

Learn more

Consent & Preferences

OneTrust named a leader in privacy and consent

We're excited to announce that OneTrust has been named a Leader in the KuppingerCole Leadership Compass for Privacy and Consent Management.

January 12, 2022 3 min

Learn more

Privacy Automation

Top reasons employees submit SARs and how you should prepare

Take a look into some of the top reasons why employees might make an access request and how employers can prepare for when they do.

January 11, 2022 4 min

Learn more

Cookie Consent

How CMOs are building brand trust through personalized experiences

Learn how to drive personalization and nurture brand trust with data transparency, data enrichment, and ethical data activation.

January 10, 2022 4 min

Learn more

Consent & Preferences

Year in review: OneTrust’s market-dominating CMP

As 2021 comes to a close, OneTrust highlights the biggest enhancements and milestones of its market-leading consent management platform (CMP).

January 06, 2022 3 min

Learn more

Preparing for the new Apple account deletion requirement

On October 6, 2021, Apple introduced a new account deletion requirement for App Store submissions starting on January 31, 2022. 

January 03, 2022 6 min

Learn more

Privacy & Data Governance

OneTrust announces series C funding at a $5.3 billion valuation

Today we are proud to announce our $300 million Series C funding round at a $5.1 billion valuation! Read all about it.

December 20, 2021 3 min

Learn more

Third-Party Risk

The future of TPRM: Third party risk management predictions for 2022

In 2021, TPRM and cybersecurity remained at the forefront of business strategy, so what's next? Learn about 2022 TPRM predictions in our blog!

December 19, 2021 5 min

Learn more

Third-Party Risk

Build the business case: The importance of business resilience and TPRM

Learn about the impact of third-party service outages and how to stand up a TPRM-informed business resilience strategy in our latest blog.

December 16, 2021 4 min

Learn more

Consent & Preferences

OneTrust supports CI/CD pipeline with mobile app scanning API

The Mobile App Scanning API helps support CI/CD pipeline for developers - a scalable API for uploading, scanning and re-scanning apps.

December 15, 2021 3 min

Learn more

Third-Party Risk

Working with vendors to address the Apache Log4j 2 library vulnerability

A new, critical vulnerability that impacts a popular open-source Java logging library, Apache Log4j 2 exists. Read more in our blog.

December 14, 2021 5 min

Learn more

Privacy & Data Governance

The EU Council clears EU Taxonomy rules

The European Union passed the first part of its EU taxonomy rulebook on climate-friendly investments, applying on January 1, 2022.

December 09, 2021 2 min

Learn more

Privacy & Data Governance

NIS2: An EU-Wide cybersecurity strengthening and resilience solution

On December 3, the EU announced that it had agreed its general approach to the text of the NIS 2 Directive. Read to learn more!

December 09, 2021 3 min

Learn more

ESG & Sustainability

OneTrust acquires Planetly, the climate action and carbon management company

OneTrust has acquired Planetly, the Climate Action, and Carbon Management company, to help businesses transform to net-zero emissions.

Phil Redman

December 08, 2021 3 min

Learn more

Cookie Consent

Accelerate your cookie banner implementation with OneTrust’s CMP Wizard

Through the OneTrust CMP Wizard, businesses can use a guided step-by-step interface to scan their website for cookies and trackers.

December 06, 2021 3 min

Learn more

GRC & Security Assurance

Privacy and IT risk: How secure are your assets securing personal data?

Protecting personal data is a multi-functional operation. Learn how prioritizing privacy and IT Risk for assets can help your organization on its journey to trust.

December 02, 2021 6 min

Learn more

Privacy & Data Governance

Automate policy management to align Privacy & Data Governance initiatives

By ensuring all organizational data is unified under one system, teams can unilaterally manage data policies with automation.

December 02, 2021 6 min

Learn more

Privacy & Data Governance

Why Is everyone talking about trust? And why the CISO should care

The CISO plays an important role in establishing trust and keeping workflows across the enterprise secure. Learn more in our blog!

November 29, 2021 4 min

Learn more

Privacy & Data Governance

German TTDSG enters into force on December 1, are you ready?

On December 1, 2021, the TTDSG will enter into force implementing new cookie consent requirements in accordance with the ePrivacy Directive.

November 29, 2021 6 min

Learn more

Privacy & Data Governance

UAE enacts new federal Personal data protection law

A new comprehensive personal data protection law was enacted in the UAE on November 29, 2021 as part of a broad federal reform package.

November 29, 2021 4 min

Learn more

Privacy & Data Governance

Relevant European supervisory authorities notified and have 4 weeks to provide feedback to the draft decision

On November, the Belgian DPA issued a press release on its draft decision in the case against IAB Europe relating to its Transparency & Consent Framework.

November 25, 2021 3 min

Learn more

Privacy & Data Governance

ICO issues opinion on data protection expectations for AdTech proposals

The UK Information Commissioner's Office (ICO) released its opinion on Data Protection and Privacy Expectations for Online Advertising Proposals.

November 25, 2021 5 min

Learn more

Cookie Consent

Luxembourg: CNPD publishes new cookies guidelines

The CNPD clarifies in the new guidelines some important distinctions about cookies regarding their types, purposes, and uses.

November 24, 2021 3 min

Learn more

Privacy & Data Governance

Report on India’s personal data protection bill adopted

The JPC adopted a draft report on India's Personal Data Protection Bill, 2019 which will now be presented during Parliament's winter session.

November 23, 2021 3 min

Learn more

Technology Risk & Compliance

Mature your privacy program with DSAR & Incident management automation

With increasing privacy and security regulations, maturing privacy teams are using automation to scale DSAR and incident management efforts.

November 23, 2021 10 min

Learn more

Privacy & Data Governance

EDPB clarifies scope of data transfers

On November 19, 2021, the EDPB released its draft guidelines on the interplay between Article 3 and Chapter V of the GDPR for data transfers.

November 19, 2021 6 min

Learn more

Cookie Consent

Expanding beyond a cookie banner to preference management 

Expanding beyond a cookie banner to preference management  allows you to turn privacy requirements into a real marketing advantage.

November 18, 2021 5 min

Learn more

GRC & Security Assurance

Cybersecurity Maturity Model 2.0: New strategic implications from GRC to VRM

The US Department of Defense updated CMMC strive to simplify and strengthen the security of the defense industrial base. Read to learn more.

November 12, 2021 4 min

Learn more

Cookie Consent

Cookie Consent performance series: Part 1 – SEO & availability

Our Cookie Consent Performance series dives into key ways you can maintain website authority, user experience, and compliance. Here's part 1.

November 11, 2021 4 min

Learn more

Data Discovery & Security

How data discovery enhances & automates your data mapping

Organizations need to mature and scale their data mapping programs with technology that unifies and automates data discovery.

November 09, 2021 6 min

Learn more

Privacy & Data Governance

Firefox joins other browsers implementing Global Privacy Control

Mozilla Firefox is the latest browser implementing Global Privacy Control (GPC), taking initiative to help users control their privacy.

November 08, 2021 4 min

Learn more

ESG & Sustainability

Republican Energy & Commerce Committee introduce draft US Federal Privacy Bill

The Republican Energy and Commerce Committee introduced a comprehensive draft privacy bill establishing standards for data privacy and security in the US.

November 04, 2021 4 min

Learn more

ESG Program Management

IFRS announce International Sustainability Standards Board (ISSB)

The IFRS announced the formation of the ISSB and Prototype Climate Disclosure Standards during the COP26 summit in Glasgow.

November 03, 2021 4 min

Learn more

ESG & Sustainability

ESG and sustainability software platforms that enterprises can leverage

All eyes are on ESG right now but how can enterprises leverage ESG and sustainability software platforms to meet and track their goals?

October 26, 2021 5 min

Learn more

Privacy Automation

OneTrust adds native Microsoft integration into privacy management solution

OneTrust, the most widely used privacy management platform, has added Microsoft's Privacy Management for Microsoft 365 integration.

October 22, 2021 3 min

Learn more

ESG & Sustainability

The CSO (chief sustainability officer) & vendor risk management: Top challenges & biggest opportunities

As brand sustainability expectations evolve, CSOs must consider vendor risk management (VRM). Learn how to combine ESG and VRM in our blog.

October 21, 2021 5 min

Learn more

ESG Program Management

ESG management: The enterprise ESG cycle

Improve your organization's ESG efforts by leveraging the Enterprise ESG Cycle in your ESG management program. Learn how in our blog.

October 19, 2021 3 min

Learn more

Privacy & Data Governance

OneTrust partners with Snowflake to simplify data classification & enforce policy

OneTrust and Snowflake have partnered to enable developers, data engineers, and data scientists to improve data discovery and governance across platforms.

October 07, 2021 3 min

Learn more

Third-Party Risk

OneTrust Vendorpedia offers same-day support for the 2022 Shared Assessments SIG

Learn how to manage risk in a time-friendly, cost-effective way with low effort for your vendors with our SIG 2022 shared assessments support.

September 28, 2021 3 min

Learn more

Privacy & Data Governance

The ultimate guide to CCPA compliance

The Ultimate Guide to CCPA Compliance outlines the key areas of the law that your organization should consider. Read the blog to learn more.

September 27, 2021 10 min

Learn more

Ethics & Compliance

Improve the reporting experience with preferred language reporting

Convercent by OneTrust announced enhanced global Call Center operations, aiming to have calls handled in a reporter's preferred language.

September 27, 2021 3 min

Learn more

ESG & Sustainability

Diversity, Equity & Inclusion: Reflecting on OneTrust’s DE&I council

Learn how OneTrust has built a team of leaders dedicated to supporting its employees and community through the Diversity, Equity & Inclusion Council.

September 24, 2021 7 min

Learn more

Privacy & Data Governance

Quebec’s Bill 64 Adopted

On September 21, Bill 64 obtained a majority vote in the National Assembly of Quebec and will become law. Read the blog to learn more.

September 22, 2021 4 min

Learn more

GRC & Security Assurance

OneTrust named a leader in GRC Platform Independent Research report

OneTrust has been named a leader in the Forrester Wave: Governance, Risk, And Compliance Platforms Q3 2021.

September 22, 2021 4 min

Learn more

GRC & Security Assurance

OneTrust acquires Tugboat Logic

OneTrust is acquiring Tugboat Logic security assurance and certification automation platform for ISO 27001 and SOC 2.

September 21, 2021 4 min

Learn more

Consent & Preferences

OneTrust’s Consent and Preference Management Platform captures millions of consent transactions

OneTrust, the most widely used consent and preference management platform captures over 3 billion consent transactions a week. 

September 20, 2021 3 min

Learn more

Privacy & Data Governance

When Is DSAR redaction relevant? Your questions answered

In this article, we answer six of our most frequently asked questions centered around one common theme: When is DSAR redaction necessary?

September 20, 2021 5 min

Learn more

GRC & Security Assurance

OneTrust recognized in 2021 Gartner® Magic Quadrant™ for IT Risk Management

OneTrust was recognized in the 2021 Gartner Magic Quadrant for IT Risk Management for its GRC product. Access the report in our blog.

September 16, 2021 4 min

Learn more

Ethics & Compliance

Importance of policy and procedure

We all know policies and procedures are important, but they often end up ineffective. Learn how to maximize policies on the OneTrust blog.

September 16, 2021 6 min

Learn more

Privacy & Data Governance

OneTrust integrates with Box to support customers automate Privacy Compliance

 Today, OneTrust announced an integration with Box to better support customers wanting to automate privacy, security, and compliance. 

September 15, 2021 3 min

Learn more

Privacy & Data Governance

The new SCC deadline Is approaching: Are you prepared?

The deadline for signing old Standard Contractual Clauses (SCCs) into new contractual agreements is approaching. Are you prepared?

September 15, 2021 5 min

Learn more

Ethics Program Management

Top 5 reasons your organization needs awareness training

Many of the world's privacy laws contain training obligations but there are several reasons that you need awareness training. Read the blog to learn more.

September 14, 2021 5 min

Learn more

Consent & Preferences

How to build trust and value privacy with a Consent Management Platform

You can't run a modern privacy program without a consent management platform. Learn how to bring privacy and personalization together.

September 13, 2021 12 min

Learn more

Third-Party Risk

OneTrust named a Leader in the 2021 Gartner® Magic Quadrant for IT Vendor Risk Management Tools

For the third consecutive year, OneTrust is a leader in the 2021 Gartner Magic QuadrantTM for IT Vendor Risk Management Tools.

September 02, 2021 5 min

Learn more

Consent & Preferences

Why you need a CMP alongside Apple ATT

Apple requires apps to use an ATT prompt to request permission from end users before tracking them. Learn how implementing a CMP can help.

August 26, 2021 4 min

Learn more

Consent & Preferences

Prove you value privacy with consent and preference management

Prioritize privacy by implementing consent and preference management across marketing and advertising activities. Learn more in our blog.

August 24, 2021 4 min

Learn more

GRC & Security Assurance

The ultimate security questionnaire guide

Implementing a consistent security questionnaire answering process will save your organization time and money. Read our guide to learn more.

Brianna Smith, Content Marketing Specialist, OneTrust | GRCP

August 17, 2021 15 min

Learn more

Privacy & Data Governance

The CCPA metrics reporting requirement: What you need to know

As of July 1, 2021, the CCPA metrics reporting obligation took effect for certain organizations. Here's what you need to know.

August 11, 2021 3 min

Learn more

Technology Risk & Compliance

ITRM 101: Understanding the impact of IT risk on your organization

Read our IT risk management (ITRM) guide to understand IT risk management's impact on your organization and why it's more critical than ever.

August 10, 2021 14 min

Learn more

Consent & Preferences

Telemarketing & Compliance: What marketers need to know

Let's look at how this crucial marketing channel can be effectively implemented while remaining compliant with telemarketing legislation.

August 06, 2021 4 min

Learn more

Consent & Preferences

Test for success: A/B testing essential to improve ROI

When you A/B test your cookie banners, your marketing goals and compliance with data regulations don't have to be mutually exclusive.

August 03, 2021 4 min

Learn more

Privacy & Data Governance

OneTrust Vendorpedia Third-Party Risk Exchange now provides Cyber Risk scores on thousands of vendors

OneTrust partners with ISS Corporate Solutions (ICS) to enable new cyber risk scoring capabilities for Third-Party Risk Exchange customers.

August 02, 2021 4 min

Learn more

Data Discovery & Security

OneTrust recognized in The Forrester Wave™: Data Governance solutions, Q3 2021

Today we are excited to announce that OneTrust DataGovernance debuted in The Forrester Wave: Data Governance Solutions, Q3 2021 report.

July 27, 2021 3 min

Learn more

Privacy Management

Privacy laws & Employee DSARs

Organizations faced with employee data subject access requests (DSARs) need a tool that uses automation to properly redact data.

July 23, 2021 6 min

Learn more

Privacy Automation

How to automate your DSAR process with discovery & redaction

As the volume of DSAR requests increases, organizations are turning to automation to help manage the redaction process.

July 21, 2021 3 min

Learn more

Privacy Management

The APEC CBPR Certification: What is it?

The APEC Cross-Border Privacy Rules System (CBPR) is a voluntary, accountability-based system created by the Asia-Pacific Economic Cooperation.

July 20, 2021 4 min

Learn more

GRC & Security Assurance

Reduce your risk: Supply chain attacks and the rise of ransomware

As the new trend in ransomware attacks rises, companies need to be aware of the impact on supply chain vulnerability. Learn more in our blog.

July 16, 2021 4 min

Learn more

Ethics & Compliance

Germany passes new corporate due diligence act

Germany's parliament has passed the German Corporate Due Diligence Act, requiring due diligence in combating human rights violations.

July 14, 2021 3 min

Learn more

Privacy & Data Governance

The 7 principles of privacy by design

The 7 Principles of Privacy by Design is a holistic approach to privacy and seamlessly integrates privacy into products, services, and system designs by default.

July 13, 2021 6 min

Learn more

Privacy & Data Governance

IAB canada finalizes TCF policies

The Interactive Advertising Bureau (IAB) of Canada recently finalized its version of Transparency Consent Framework (TCF) Policies.

July 09, 2021 1 min

Learn more

Third-party cookies are going away: How marketers can prepare

In the massive gap left in the wake of third-party cookies going away, organizations must adjust their consent strategies.

July 08, 2021 6 min

Learn more

GRC & Security Assurance

How AutoZone goes the extra mile with OneTrust Vendorpedia

AutoZone Goes the Extra Mile and drives TPRM operations with OneTrust Third-Party Risk Management. Learn more from Auto Zone TPRM, Ryan Walker.

July 07, 2021 3 min

Learn more

Privacy & Data Governance

How good IT Asset and Risk Management can protect you from ransomware

Executive leadership must prioritize implementing a healthy IT asset and Risk management program in the wake of increased ransomware attacks.

July 02, 2021 5 min

Learn more

Data Discovery & Security

The 4 pillars of data intelligence

Use the 4 pillars of data intelligence to better understand the data you have, how it's used, and the requirements that apply to it.

OneTrust

July 01, 2021 5 min

Learn more

Privacy Management

The CPO & Vendor risk management: top challenges & biggest opportunities

As the privacy landscape evolves, CPOs must consider vendor risk management as a key area of any healthy privacy management program.

June 30, 2021 5 min

Learn more

Privacy & Data Governance

EDPB final recommendations: The 6 step roadmap (Part 1 of 3)

Take a deeper look at the EDPB six-step roadmap to help identify the appropriate supplementary measures for international data transfers.

June 29, 2021 5 min

Learn more

Privacy & Data Governance

European commission adopts two UK adequacy decisions

Learn about how the European Commission adopted two UK adequacy decisions in relation to the GDPR and the Law Enforcement Directive.

June 28, 2021 4 min

Learn more

Cookie Consent

Google delays deprecation of third-party cookies until 2023

On June 24, 2021, Google announced it is delaying plans to phase out third-party cookies in its Chrome browser until 2023.

June 24, 2021 4 min

Learn more

Technology Risk & Compliance

How your organization can use an incident management playbook

An incident management playbook is an actionable guide for how to report events, define responsibilities, and manage response procedures.

June 22, 2021 5 min

Learn more

Privacy & Data Governance

Operationalize EDPB final Schrems II guidance with OneTrust

You can operationalize the EDPB's guidance today with OneTrust's expanded Schrems II Solutions which provide both EU exporters and importers.

June 21, 2021 5 min

Learn more

ESG Program Management

The ultimate guide to ESG management and factor

What is ESG Management? It is crucial to execute a strong ESG program throughout your organization to remain competitive. Read more here.

June 18, 2021 12 min

Learn more

Privacy & Data Governance

Ecuador’s new data protection law

Ecuador's new data protection regulation has become law, and establishes a national data protection authority, and regulates cross-border data transfers.

June 17, 2021 3 min

Learn more

Ethics & Compliance

Convercent by OneTrust announces third-party risk management solution for Ethics & Compliance

Convercent by OneTrust Third-Party Risk Management for Ethics and Compliance professionals provides a way to identify third-party risk.

June 17, 2021 2 min

Learn more

ESG & Sustainability

ESG Risks | Challenges & Solutions

Learn some challenges of creating an ESG strategy nationally and globally for your organization while addressing risk, management, and compliance.

June 16, 2021 6 min

Learn more

Privacy & Data Governance

China data security law passed

A new China data security law takes effect on September 1, 2021 protecting data in the interest of the country's national security. Learn more.

June 14, 2021 4 min

Learn more

Third-Party Risk

What is vendor risk management?

Vendor risk management (VRM) is a form of risk management that focuses on identifying and reducing risks relating to vendors.

June 09, 2021 14 min

Learn more

Privacy & Data Governance

Nevada privacy bill signed by Governor Sisolak

On June 2, 2021, Nevada Governor Stephen F. Sisolak signed the Nevada Privacy bill ((SB) 260) which focuses on Internet privacy.

June 07, 2021 3 min

Learn more

ESG & Sustainability

ESG factors and infographic

OneTrust can help you track and measure your ESG goals, as social, environmental, and governance strategies become crucial in the corporate environment.

June 04, 2021 3 min

Learn more

Privacy & Data Governance

European commission adopts new Standard Contractual Clauses (SCCs)

On June 4, 2021, the European Commission adopted two sets of modernized standard contractual clauses (SCCs). Read the blog to find out more.

June 04, 2021 4 min

Learn more

Privacy Management

Thai PDPA data subject rights: What you should know

Enforcement of the Thai PDPA has been postponed until 2022 but organizations should still prepare for an influx data subject rights requests.

June 03, 2021 5 min

Learn more

Third-Party Risk

What is third-party risk management?

Third-party risk management (TPRM) is a form of risk management that focuses on identifying and reducing risks relating to the use of third parties.

June 01, 2021 6 min

Learn more

Cookie Consent

noyb Cookie Consent best practices guide

OneTrust has provided customers with a resource guide and relevant regulatory authority research following the May 31 noyb cookie notices.

June 01, 2021 2 min

Learn more

Third-Party Risk

OneTrust acquires Shared Assessments to grow the SIG and global third-party risk standardization

Shared Assessments will remain vendor neutral post-acquistion to grow the SIG third-party risk standard globally.

May 31, 2021 4 min

Learn more

Privacy & Data Governance

OneTrust celebrates five years of trust

Five years ago, OneTrust was founded. Today, we're celebrating five years of trust with our 10,000 customers, 2,000 employees, and community.

May 26, 2021 5 min

Learn more

Privacy & Data Governance

The GDPR data subject rights - global privacy laws

The GDPR is one of the most robust global privacy laws in effect today. What rights does it invoke on it's data subjects?

May 24, 2021 3 min

Learn more

Privacy Management

The ultimate guide to privacy management

A foundational standard for privacy management is proving through records that you have a legal reason for collecting and processing personal data. 

May 21, 2021 15 min

Learn more

Privacy & Data Governance

The EU Cloud Code of Conduct approved by Belgian DPA

On May 20, 2021, the Belgian DPA announced that it had approved the EU Cloud Code of Conduct. Read the blog to find out more.

May 20, 2021 3 min

Learn more

Privacy & Data Governance

France announces strategy for cloud technology

On May 17, 2021, the French Government announced its national strategy for cloud technology. Read the blog to find out more.

May 18, 2021 3 min

Learn more

Privacy Management

Understanding the 7 principles of the GDPR

The 7 key GDPR principles at the heart of the law should inform every step of a modern privacy management program. 

May 17, 2021 5 min

Learn more

Data Discovery & Security

What’s hidden in your files? How to better govern your unstructured data

What's hidden in your files? Learn more about how unstructured data discovery can help you uncover and address hidden compliance risks.

May 05, 2021 6 min

Learn more

Privacy & Data Governance

Apple iOS 14.5: how to prepare with OneTrust

Apple announced new iOS 14.5 requirements will now go into effect on April 26, 2021 with the release of Apple iOS 14.5.

April 23, 2021 4 min

Learn more

Consent & Preferences

OneTrust launches Consent Banner testing feature

OneTrust launched a new consent banner testing feature that allows customers to test their consent management platform before publishing.

April 21, 2021 4 min

Learn more

Privacy & Data Governance

Guide to the General Data Protection Regulation (GDPR)

GDPR Compliance means an organization that falls within the scope of the GDPR meets the requirements for properly handling personal data.

April 16, 2021 19 min

Learn more

Ethics & Compliance

OneTrust Acquires Ethics and Compliance Leader Convercent

OneTrust acquires ethics and compliance software leader Convercent to help continue to build our Trust Intelligence platform.

April 14, 2021 4 min

Learn more

Data Discovery & Security

Webinar recap: How Data Discovery enhances your DSAR workflow

Be prepared to respond to Data Subject Access Requests and utilize automated data discovery with OneTrust Data Discovery.

April 01, 2021 5 min

Learn more

ESG & Sustainability

ESG best practices and corporate benefits

Learn how implementing ESG best practices may benefit an organization's brand, revenue, company valuation, and market perception, as well as reduce risk.

March 31, 2021 6 min

Learn more

Privacy & Data Governance

Your top 10 Data Redaction questions answered

We took your top questions and created an FAQ series to dive into our data redaction capabilities and what they mean for you.

March 30, 2021 7 min

Learn more

Privacy & Data Governance

Preparing for privacy compliance in Panama

Panama's Law No. 81 on Personal Data Protection takes effect March 29, 2021, bringing a new set of compliance challenges for organizations.

March 29, 2021 3 min

Learn more

Privacy & Data Governance

Get ready for POPIA with OneTrust

Enforcement for South Africa's Protection of Personal Information Act (POPIA) will begin on July 1, 2021 and OneTrust can help you get ready.

March 22, 2021 3 min

Learn more

Privacy & Data Governance

How to prepare for Apple iOS 14.5 privacy requirements

Apple iOS 14.5 Privacy Requirements and iPadOS 14.5 are scheduled for a spring 2021 release. The new release includes privacy features.

March 19, 2021 5 min

Learn more

ESG & Sustainability

OneTrust's ESG solution is here

OneTrust's ESG solution provides organizations with environmental, social, and governance technology built in to the OneTrust platform.

March 15, 2021 3 min

Learn more

Privacy Management

Privacy program best practices 

Smart businesses know having a privacy program in place is just good business. Here are the best privacy program practices.

March 12, 2021 7 min

Learn more

Data Discovery & Security

OneTrust DataGovernance announces Data Catalog

OneTrust Data Catalog is a solution for data officers, data stewards, and other stakeholders to find and utilize the data that matters most.

March 11, 2021 4 min

Learn more

Cookie Consent

OneTrust CNIL cookie guidelines toolkit

On April 1st, the CNIL, will begin to enforce its latest cookie recommendations. Download our CNIL Cookie Consent Guidelines Checklist today!

March 08, 2021 3 min

Learn more

Consent & Preferences

Maximize Opt-Ins with Consent Rate Optimization

OneTrust launches Consent Rate Optimization, to help organizations personalize user experience and maximize opt-ins while respecting privacy.

March 04, 2021 3 min

Learn more

GRC & Security Assurance

HIPAA compliance: Building a bridge to a robust privacy program

If your organization manages PII, it's crucial to embed HIPAA compliance into your privacy program. Here's how to get started. 

March 02, 2021 10 min

Learn more

Privacy & Data Governance

Virginia’s Consumer Data Protection Act signed into law

Virginia became the next state to officially pass a comprehensive privacy law. The CDPA sets out an increased protection for consumer data.

March 02, 2021 3 min

Learn more

Privacy & Data Governance

OneTrust acquires Redacted.ai for data redaction

OneTrust acquired Redacted.ai data redaction technology and introduces OneTrust Data Redaction technology to solve a broad range of privacy use cases.

February 28, 2021 3 min

Learn more

Data Discovery & Security

Why security teams need Data Discovery

Read more to understand why data discovery for security teams is a must as businesses seek to defend against financial and reputational risk.

February 23, 2021 6 min

Learn more

Cookie Consent

Cookie banners after third-party cookies

If third-party cookies are phased-out, does that mean cookie banners or consent management platforms (CMPs) are going along with them?

February 19, 2021 7 min

Learn more

Consent & Preferences

OneTrust’s CMP leads the Consent Management market: Used on 350,000+ websites and apps

Today OneTrust announced it is the most widely used CMP with over 350,000 websites and applications using the platform for consent management.

February 08, 2021 3 min

Learn more

GRC & Security Assurance

5 IT risk management frameworks to consider for your program

Applying one or multiple systems to your company’s security approach is best practice

Kaitlyn Archibald

February 04, 2021 4 min

Learn more

Data Discovery & Security

Data discovery for governance teams

Intelligent, automated data discovery for governance teams is essential for achieving data governance and data catalog objectives. 

February 02, 2021 4 min

Learn more

Privacy & Data Governance

OneTrust Partners with global privacy control to help users control privacy

Today OneTrust and Global Privacy Control (GPC) announced their partnership to help users control their privacy with a new browser setting.

January 28, 2021 4 min

Learn more

Data Discovery & Security

Why privacy teams need Data Discovery

Privacy teams need automated data discovery solutions to tackle the challenges of growing data management needs and privacy compliance.

January 26, 2021 6 min

Learn more

Data Discovery & Security

What to look for in a data discovery solution

A truly automated data discovery solution helps organizations understand their data across their business and third-party relationships.

January 22, 2021 6 min

Learn more

Third-Party Risk

Introducing OneTrust Questionnaire Response Automation

OneTrust launches Vendorpedia Questionnaire Response Automation to support organizations in automatically answering incoming questionnaires.

January 13, 2021 3 min

Learn more

Privacy & Data Governance

CNIL issues fine for emails sent without consent

This last week, the CNIL, French data protection authority, issued a €20,000 fine for sales prospecting without consent. Read more.

January 12, 2021 3 min

Learn more

GRC & Security Assurance

Integrate microsoft word into the OneTrust GRC policy management software

OneTrust today announced our GRC policy management software integration with Microsoft Word to help company's improve policy management.

January 06, 2021 2 min

Learn more

Privacy & Data Governance

Your CPRA questions answered

We address some CPRA questions as the CPRA's approval left many organizations questioning how to pivot their existing programs to meet CPRA compliance.

December 30, 2020 4 min

Learn more

Privacy & Data Governance

Schrems II and the latest SCC updates

A discussion about the Schrems II decision including an explanation of the new EDPB guidelines and Standard Contractual Clauses updates.

December 30, 2020 4 min

Learn more

Privacy & Data Governance

Schrems II: Dealing with international transfers

With the significant development of the EDPB releasing their recommendations for Schrems II, we discuss what they are and what they mean.

December 15, 2020 4 min

Learn more

Consent & Preferences

Balancing cookie compliance and user experience

Providing an engaging user experience can help to greatly increase opt-in rates as well as enhancing transparency around your processing activities.

December 08, 2020 3 min

Learn more

Privacy & Data Governance

Global privacy laws update 2020

Global privacy laws have continued to develop rapidly throughout the course of 2020. Recap with the "Global Privacy Laws: What's New in 2020" TrustWeek Session.

December 02, 2020 5 min

Learn more

Privacy Management

How will the Schrems II decision impact your privacy program?

The Schrems II decision will have significant impacts on EU-US data transfers, and many organizations will need to update their programs.

November 23, 2020 3 min

Learn more

Privacy & Data Governance

Schrems II decision: EDPB publishes recommendations

The EDPB published recommendations following the Schrems II decision in July 2020, addressing surveillance and supplementary transfer tools.

November 12, 2020 8 min

Learn more

Privacy & Data Governance

CCPA vs. CPRA – What has changed?

On November 4, 2020, California voters passed the California Privacy Rights Act (CPRA or CCPA 2.0), but how does it compare with the CCPA?

November 10, 2020 4 min

Learn more

Ethics & Compliance

Ethics in privacy and security

When your business collects someone's personal information, you take on responsibilities, including trust, security, and ethical responsibility to that individual.

November 09, 2020 5 min

Learn more

Privacy & Data Governance

What does the CPRA mean for your privacy program?

In the November 2020 election, voters will be deciding whether to vote the CPRA into law. Read this blog to learn more.

November 04, 2020 5 min

Learn more

GRC & Security Assurance

What is OneTrust GRC? A LinkedIn live recap

In this LinkedIn Live, Kabir Barday, CEO of OneTrust, was joined by Scott Bridgen, Offering Manager of OneTrust GRC, to discuss what is OneTrust GRC.

November 02, 2020 5 min

Learn more

Privacy & Data Governance

TrustWeek news: Know your requirements for storing data with OneTrust DataGuidance Data Retention Schedules

As part of a series of announcements during TrustWeek, we are excited to introduce DataGuidance Data Retention Schedules.

October 13, 2020 3 min

Learn more

Privacy & Data Governance

TrustWeek news: OneTrust releases new Data Governance software to help data governance, analytics, IT, and technology teams know their data

OneTrust releases new data governance software to help Data Governance, Analytics, IT, and Technology teams know their data.

October 13, 2020 3 min

Learn more

Privacy & Data Governance

TrustWeek news: OneTrust launches enhanced and automated Data Redaction capabilities

OneTrust announces two new solutions to help manage challenges and maintain ISMS success: Audit Management and Policy Management.

October 13, 2020 3 min

Learn more

Privacy & Data Governance

Overview of the california privacy rights act of 2020 (CPRA or CCPA 2.0)

In general, the CPRA amends the CCPA by expanding consumer rights, heightening privacy protections, and establishing an enforcement agency.

October 12, 2020 6 min

Learn more

Cookie Consent

DPC cookie guidance: your top 7 questions answered 

On April 6, the Irish Data Protection Commission released a report explaining the findings following a cookie sweep of websites across a range of industries.

September 29, 2020 6 min

Learn more

Privacy Management

LGPD vs. GDPR

Inspired by the GDPR, Brazil's Lei Geral de Proteção de Dados, or LGPD, regulates how companies collect, store, handle, and share personal data.

September 25, 2020 6 min

Learn more

Consent & Preferences

OneTrust supports Google’s newest solution: Consent Mode

Google's Consent Mode solution was created to bridge the gap between the advertising and privacy worlds, providing more flexibility.

September 03, 2020 4 min

Learn more

Privacy & Data Governance

What are the differences between CCPA and GDPR and LGPD?

The data security space is heating up in 2021. Read this article to understand the key components and comparisons of CCPA, GDPR, and LGPD.

August 28, 2020 11 min

Learn more

Inc. 500: OneTrust named America’s #1 fastest-growing company

OneTrust is named the #1 fastest growing private company in America with 48,000% growth on the prestigious Inc. 500 annual list.

August 12, 2020 4 min

Learn more

OneTrust expands OTT (Over-the-Top) CMP support for Apple TV, Android TV, Roku, and more

OneTrust announced expanded OTT compliance capabilities to help publishers and advertisers manage privacy consent and preference compliance.

August 06, 2020 3 min

Learn more

Privacy & Data Governance

Keeping CCPA compliant with Facebook’s limited data use

The CCPA enforcement date of July 1 has recently passed, but there are still areas of the regulation that businesses need clarity on.

August 03, 2020 3 min

Learn more

Privacy & Data Governance

India’s personal data protection bill

India's potential PDPB requires that data fiduciaries obtain data principals' consent for processing to ensure the principals' fundamental right to privacy.

July 24, 2020 8 min

Learn more

OneTrust opens new certification program dates

The OneTrust Certification Program has announced new dates and a new OneTrust Fellow of Privacy Technology certification is now available.

July 20, 2020 3 min

Learn more

Privacy & Data Governance

Launch your CCPA and GDPR Compliance programs with OneTrust free tools

OneTrust Free Tools help companies kickstark compliance with CCPA, GDPR, ISO 27701 and hundreds of the world's privacy laws and security frameworks.

July 06, 2020 2 min

Learn more

Data Discovery & Security

OneTrust acquires Integris Software

OneTrust acquired Integris Software to enhances OneTrust DataDiscovery. The integrated data discovery and classification solution is available today.  

June 30, 2020 2 min

Learn more

Privacy & Data Governance

OneTrust Assessment Automation technology aligned with the CNIL PIA methodology

The OneTrust Assessment Automation privacy impact assessment (PIA) technology is now aligned with the CNIL PIA methodology.

June 25, 2020 2 min

Learn more

Privacy & Data Governance

CCPA compliance for small businesses

The first step to CCPA compliance for small businesses will be to understand if the law applies to your business or not.  

June 02, 2020 3 min

Learn more

Privacy & Data Governance

IDC releases first worldwide data privacy management software market shares report

IDC released it's inaugural Data Privacy Management Software Market Shares Report and finds OneTrust has the largest market share.

May 27, 2020 2 min

Learn more

GRC & Security Assurance

Introducing OneTrust GRC’s Audit & Policy Management: Two New Tools to Support ISMS Programs

OneTrust announces two new solutions to help manage challenges and maintain ISMS success: Audit Management and Policy Management.

May 06, 2020 4 min

Learn more

Privacy Management

CCPA privacy policy & notice requirements

A key part of the California Consumer Privacy Act (CCPA) that went into effect on January 1, 2020 is updating your privacy policy and notice requirements.

April 22, 2020 3 min

Learn more

GRC & Security Assurance

Integrating privacy & cyber security

Cyber security and privacy must integrate using a privacy management software in order to address the growing challenge of protecting consumer data.

April 15, 2020 3 min

Learn more

GRC & Security Assurance

Unifying risk management initiatives

When leveraged correctly, these combined resources can streamline processes and automate common third-party risk management activities.

April 09, 2020 4 min

Learn more

Consent & Preferences

OneTrust consent management platform is IAB TCF 2.0 approved CMP

After working closely with IAB Europe, we're proud to announce the OneTrust Consent Management Platform (CMP) is officially TCF 2.0 approved by the IAB.

April 03, 2020 2 min

Learn more

Privacy & Data Governance

How to automate CCPA consumer rights requests

In this OneTrust blog, you will learn how you can automate consumer requests within your California Consumer Privacy Act (CCPA) program.

March 19, 2020 4 min

Learn more

Privacy & Data Governance

OpenID Connect (OIDC): As easy as 1-2-3

OpenID Connect lets developers authenticate their users across websites and apps without having to own and manage password files.

February 03, 2020 3 min

Learn more

Technology Risk & Compliance

Cybersecurity Maturity Model Certification (CMMC), Escalating security

What is the CMMC, who does it apply to, and how will it impact your business? Follow the development of the CMMC as the DoD put's it into effect.

January 21, 2020 4 min

Learn more

GRC & Security Assurance

Integrated Risk Management vs. GRC

What's the difference between Integrated Risk Management versus GRC? How do you compare a well-established discipline and new emerging risk initiatives?

January 16, 2020 5 min

Learn more

Privacy & Data Governance

The CCPA Toll-Free Number requirement

The California Consumer Privacy Act is taking effect in January, and one requirement that still confuses many businesses is the Toll-Free Number requirement.

December 27, 2019 4 min

Learn more

GRC & Security Assurance

CCPA compliance: Your most frequent CCPA questions answered

The CCPA is only days away from taking effect, and OneTrust has all the resources you need to be CCPA ready by January 1, 2020.

December 24, 2019 24 min

Learn more

Privacy & Data Governance

The CCPA vs. the GDPR comparison

Both the CCPA and the EU's GDPR aim to protect individuals' privacy rights, but there are some key differences between the two.

December 19, 2019 8 min

Learn more

Third-Party Risk

Centralizing your risk register

Companies can integrate their information across systems and data collection points to centralize their risk register and reporting efforts.

December 19, 2019 4 min

Learn more

Privacy & Data Governance

News: CJEU publishes AG opinion on facebook Ireland and schrems case

The Court of Justice of the European Union (CJEU) published the non-binding opinion of Henrik Saugmandsgaard Øe, the European Union Advocate General.

December 19, 2019 3 min

Learn more

Introducing OneTrust Zero-Code Cookie Auto-Blocking

We're excited to announce OneTrust Cookie Auto-Blocking, dramatically reducing the time it takes to implement a OneTrust cookie banner on your website. 

December 17, 2019 3 min

Learn more

Privacy & Data Governance

CMDB tools to organize, automate and integrate data

The data stored in your CMDB tools is only good for those who have access. Streamline maintenance with software to organize, automate and integrate data.

November 27, 2019 3 min

Learn more

Data Discovery & Security

OneTrust Targeted Data Discovery: Not your average data discovery tool

OneTrust offers a Targeted Data Discovery solution to help automate Data Subject Access Requests or DSAR requests.

November 26, 2019 2 min

Learn more

GRC & Security Assurance

Legacy GRC tools and today’s market challenges

Many GRC tools are solutions to problems of the past. New technology solutions can solve some of the digital risk challenges GRC tools fail to address.

November 21, 2019 5 min

Learn more

Privacy & Data Governance

CCPA Applicability: Who will the CCPA impact?

As the CCPA goes into effect on January 1, 2020, everyone who handles personal information regarding California consumers are going to be impacted.

November 06, 2019 3 min

Learn more

Privacy & Data Governance

IAB and CCPA: Let’s get technical

The IAB and IAB Tech Lab released the CCPA Compliance Framework for Publishers and Technology Companies on October 20, 2019.

October 31, 2019 6 min

Learn more

Cookie Consent

OneTrust PreferenceChoice’s cookie auto-blocking technology

OneTrust PreferenceChoice's Cookie Consent and Website Scanning is the most mature and trusted solution for cookie consent in the market.

October 19, 2019 4 min

Learn more

Privacy & Data Governance

California Privacy Rights and Enforcement Act Ballot initiative

On September 25, 2019, Alastair Mactaggart announced his new ballot initiative for the November 2020 ballot—the CPRA to amend the CCPA.

October 02, 2019 3 min

Learn more

Consent & Preferences

OneTrust Consent Management for Publishers: Delivering a personalized user experience

Publishers can manage consent across regulations and frameworks with OneTrust CMP consent management provider for publishers and advetisers.

September 23, 2019 2 min

Learn more

Privacy & Data Governance

The Nevada Privacy Law vs. the CCPA

Similar to the CCPA, Nevada allows consumers to opt-out of the sale of “covered information” collected through a website or online service. 

September 17, 2019 7 min

Learn more

Cookie Consent

OneTrust: Keeping up with Cookie Consent

As marketers, it is important to keep track of the constantly changing rules and regulations. Read this blog to see how you can keep up with cookie consent.

September 11, 2019 2 min

Learn more

Privacy & Data Governance

The Dos and Don’ts of CCPA consumer right requests

The California Consumer Privacy Act (CCPA) is the first privacy law to pass in the US – transforming how organizations structure their privacy program.

August 27, 2019 4 min

Learn more

Privacy & Data Governance

ISO 27701 new privacy standard: How OneTrust got certified & how you can too

OneTrust recently announced that we received the world's-first ISO 27701 certification for a Privacy Information Management System (PIMS).

August 27, 2019 2 min

Learn more

Privacy & Data Governance

OneTrust policy and Notice management: Tackling CCPA disclosure and GDPR policy challenges

OneTrust Policy and Notice Management helps companies comply with the GDPR's privacy policy notice obligation and the CCPA's disclosure requirement.

August 13, 2019 2 min

Learn more

Privacy & Data Governance

What teams should be part of your internal CCPA team

While the CCPA will impact the entire organization, but one initial consideration is who should be part of your internal CCPA team.  

July 22, 2019 5 min

Learn more

OneTrust raises $200 million Series A, valued at $1.3 billion

OneTrust announced a $200 million Series A investment, valuing the privacy, security and third-party risk company at $1.3 billion.

July 11, 2019 2 min

Learn more

Privacy & Data Governance

Nevada's privacy law

The Nevada Privacy Law allows consumers to opt-out of the sale of "covered information" collected through a website or online service.

June 05, 2019 5 min

Learn more

Third-Party Risk

Maintain updated data maps with OneTrust vendor risk management

With the OneTrust Vendor Risk Management platform and data mapping, companies sustain an up-to-date data map and automate alerts and actions.

May 07, 2019 4 min

Learn more

Privacy & Data Governance

Ready to become an expert? Everything you need to know about OneTrust’s PrivacyTech Expert Certification

Find out everything you need to know about the OneTrust Expert Certification training at OneTrust PrivacyTech 2019.

May 01, 2019 3 min

Learn more

Privacy Management

Privacy, the new global trade war: Part 3

As with any trade war, the primary victims are the individuals and businesses needing to adapt to the ever-changing patchwork of global privacy requirements.

March 18, 2019 6 min

Learn more

Privacy & Data Governance

OneTrust acquires DataGuidance!

Today OneTrust announced it has acquired DataGuidance, a leading, in-depth and up-to-date privacy and security regulatory research platform.

March 10, 2019 3 min

Learn more

Privacy & Data Governance

The importance of the CCPA Look Back requirement and what it means for your organization

The CCPA will take effect on January 1, 2020. Read the blog to learn more about the importance of the CCPA look back requirement.

March 07, 2019 4 min

Learn more

Third-Party Risk

The next evolution of Third-Party Risk Management is here with OneTrust’s Vendorpedia

Scale your third-party risk program with pre-populated privacy and security profiles on over 6,000 third-party vendors in OneTrust's Vendorpedia.

March 03, 2019 3 min

Learn more

Privacy Management

Privacy, the new global trade war: Part 1

The GDPR's extra-territorial scope is a big step in escalating the global shift towards digital protectionism and even stoking a global trade war.

February 25, 2019 6 min

Learn more

Privacy & Data Governance

CA Attorney General holds public forums on the CCPA: what you need to know

In partnership with the Department of Justice, the California Attorney General has scheduled several public forums to get feedback and opinions on the CCPA.

February 13, 2019 3 min

Learn more

GRC & Security Assurance

Incident & Breach Management – How can software help?

Here is a summary of the practical incident & breach management challenges and how software can help you to successfully tackle them.

February 11, 2019 6 min

Learn more

Privacy & Data Governance

OneTrust and Adobe team up for data privacy day

OneTrust for Adobe Experience Platform Launch and Adobe Experience Platform Mobile SDK integration will link OneTrust's mobile app records of consent.

January 28, 2019 2 min

Learn more

Privacy & Data Governance

Enable your Privacy and Security teams to work together with OneTrust for ServiceNow

OneTrust and ServiceNow, a cloud-based platform with solutions that deliver digital workflows to unlock productivity, will launch OneTrust for ServiceNow.

January 16, 2019 2 min

Learn more

Privacy & Data Governance

OneTrust expands presence into Australia and New Zealand with new Melbourne Office and Integrated ANZ Privacy Laws

OneTrust expanded support and resources for the Australia and New Zealand markets and integrated ANZ privacy laws into our privacy management platform.

August 18, 2018 2 min

Learn more

Privacy & Data Governance

What is the Brazil General Data Protection Law (LGPD)?

On August 14, 2018, the Brazilian president sanctioned the Brazil General Data Protection Law (LGPD). Read the blog to learn more.

July 20, 2018 5 min

Learn more

Consent & Preferences

OneTrust integrates Mobile App Consent solution into the OneTrust platform

OneTrust Mobile App Consent lets companies show user consent on mobile apps, allowing them to demonstrate compliance with global privacy regulations.

July 18, 2018 2 min

Learn more

Cookie Consent

OneTrust updates Cookie Consent solution with detailed records of user consent

We've added a new detailed Records of User Consent feature to the OneTrust Cookie Consent Tool, and customers will now have detailed records of consent.

June 28, 2018 2 min

Learn more

Third-Party Risk

OneTrust wins Risk Management Software of the Year at the 2018 FStech Awards

The FStech Awards selected OneTrust as Risk Management Software of the Year in 2018. Thank you to the FStech Awards for this incredible honor

April 25, 2018 2 min

Learn more

Privacy & Data Governance

The Article 29 Working Party issues revised guidelines on transparency

The WP29 has determined controllers should take to being transparent while embedding fairness and accountability into their transparency measures.

April 20, 2018 7 min

Learn more

OneTrust wins big at RSA Conference #RSAC

OneTrust Wins Big at the RSA Conference, including CEO Kabir Barday being named the Privacy Expert of the Year (Editor's Choice) for his innovation.

April 18, 2018 2 min

Learn more

Third-Party Risk

OneTrust joins the cloud security alliance

OneTrust joins the Cloud Security Alliance or CSA, a global leader in secure cloud computing, to simplify vendor risk management for GDPR compliance.

April 16, 2018 2 min

Learn more

Privacy & Data Governance

OneTrust adds Adobe Cloud Extension to help marketers with global privacy compliance

At the Adobe Digital Marketing Summit, OneTrust announced a new privacy management platform extension for Launch by Adobe.

March 27, 2018 2 min

Learn more

Privacy & Data Governance

WP29 publishes revised guidelines on personal data breach notification under GDPR

In October 2017, the Article 29 Working Party (WP29) issued guidelines on personal data breach notification under GDPR, which were submitted for public comment.

March 07, 2018 3 min

Learn more

Consent & Preferences

New OneTrust platform simplifies compliance challenges for marketers

OneTrust Simplifies GDPR Compliance for Marketers with Launch of Universal Consent and Preference Management Platform.

March 06, 2018 2 min

Learn more

Privacy & Data Governance

WP29 issues revised guidelines on Data Protection Impact Assessment (DPIA)

In 2017, WP29 Issues Revised Guidelines on DPIAs and whether processing is "likely to result in a high risk" per Reg. 2016/679.

October 18, 2017 6 min

Learn more

Privacy & Data Governance

OneTrust Data Subject Access Request (DSAR) portal simplifies GDPR Compliance

OneTrust launched the first-to-market DSAR portal, allowing data subjects to submit requests directly to organizations that process their data.

October 17, 2017 2 min

Learn more

Privacy & Data Governance

Irish High Court: Validity of the standard contractual clauses to be decided by the ECJ

The Irish High Court found that the Irish Data Protection Commissioner raised well-founded concerns about the validity of SCCS.

October 09, 2017 4 min

Learn more

Privacy & Data Governance

New suite of privacy management questionnaire templates available at OneTrust

OneTrust Announces EU Regulator Guidance-Based Privacy Templates for GDPR Compliance with a new suite of questionnaire templates.

September 06, 2017 2 min

Learn more

Privacy & Data Governance

Belgian DPA publishes template for Article 30 records

Belgian DPA publishes template for Article 30 Records in French and Dutch only, but you can attain an unofficial English translation in this blog.

September 05, 2017 2 min

Learn more

GRC & Security Assurance

CNIL publishes guidance on Incident management and notification

CNIL Publishes Guidance on Incident Management and Notification for GDPR on the notification of security incidents to regulatory authorities.

August 10, 2017 3 min

Learn more

Privacy & Data Governance

UK government publishes statement of Intent for new Data Protection Bill

UK Government publishes a statement of intent for a new Data Protection Bill to strengthen data protection laws in the UK and align with GDPR.

August 09, 2017 4 min

Learn more

Privacy & Data Governance

After reference by Article 29 Working Party, ISO publishes ISO/IEC 29134:2017

After Reference by Article 29 Working Party, International Organization for Standardization (ISO) publishes ISO/IEC 29134:2017 framework guidelines for PIA.

July 19, 2017 2 min

Learn more

Privacy & Data Governance

German DPA releases english translation of the Standard Data Protection Model

German DPA released an English translation of the Standard Data Protection Model (SDM), which addresses GDPR data protection goals.

May 12, 2017 2 min

Learn more

Privacy & Data Governance

Article 29 working party (WP29) guidelines on Data Protection Impact Assessments

Working Party 29 adopts guidelines on DPIA's and determining whether processing is "likely to result in a high risk" for the purposes of the GDPR.

April 14, 2017 6 min

Learn more

Cookie Consent

Nobody likes cookie pop-ups: Browser-based consent and the ePrivacy regulation

Nobody Likes Cookie Pop-Ups: Browser-Based Consent and the ePrivacy Regulation. Article 10 discusses the role browsers play in obtaining cookie consent.

February 22, 2017 6 min

Learn more

Privacy & Data Governance

Belgian DPA seeks public comments on DPIA draft recommendation

The Belgian DPA issues a draft recommendation and launched a public consultation to obtain input from stakeholders about DPIA obligations.

January 12, 2017 4 min

Learn more

Cookie Consent

GDPR compliance means cookie notices must change

GDPR Compliance Means Cookie Notices Must Change. You probably ticked the cookie law box ages ago and haven't thought about it since.

November 30, 2016 4 min

Learn more

Privacy & Data Governance

How GDPR applies to charities and NPOs

How GDPR Applies to Charities and Non-Profit Organizations... they're just as obligated as any other EU company to comply with GDPR.

September 29, 2016 3 min

Learn more

Privacy & Data Governance

OneTrust listed in three independent 2016 Gartner Hype Cycle assessments

Industry analyst firm Gartner, Inc. listed OneTrust in the category of Privacy Management Tools in three independent 2016 Hype Cycle industry assessments.

September 27, 2016 3 min

Learn more

Privacy & Data Governance

Concept of a Privacy Threshold Assessment

Concept of a Privacy Threshold Assessment (or Analysis). They're important, but they aren't the only evaluations necessary for an organization.

September 26, 2016 2 min

Learn more

Cookie Consent

OneTrust acquires Optanon, website auditing and cookie compliance solution

OneTrust Acquires Leading Website Auditing and Cookie Compliance Solution. Expands International Presence with Optanon acquisition.

September 12, 2016 3 min

Learn more