OneTrust adds native Microsoft integration into privacy management solution

October 21, 2021

Orange and yellow gradient

OneTrust, the most widely used privacy management platform and category-defining enterprise technology to operationalize trust, is now natively integrated to Microsoft’s new Privacy Management for Microsoft 365 solution. The new partnership helps our joint customers who own the Microsoft 365 product suite to identify privacy risks, automate privacy rights requests (DSARs), and give insight into their data across their Microsoft 365 systems.

With over 500+ integrations, OneTrust’s privacy management solutions enable our customers to automate the full privacy rights (DSAR) lifecycle, from collection, to identity verification, to structured and unstructured data discovery in Microsoft apps and beyond, so that sensitive and confidential information can be redacted and shared with employees and consumers.

“Our mission at OneTrust is to empower businesses to build trust into the fabric of their organization and our collaboration with Microsoft supports this,” noted Adam Rykowski, OneTrust Vice President of Product Management. “By automating and syncing the fulfillment of Data Subject Access Requests (DSAR) from OneTrust’s Privacy Management Solution with Privacy Management for Microsoft 365, available within the Microsoft 365 compliance center, we can seamlessly incorporate IT admins into privacy operations from the OneTrust platform.”

Learn More: Automate requests from intake to fulfillment with the OneTrust Privacy Rights Requests (DSAR) Module

OneTrust and Privacy Management for Microsoft 365 partnership in practice

The key benefit of this partnership is to assist our customers when fulfilling DSARs by allowing them to request personal information held in Microsoft 365 environments. New and expanding privacy regulations are giving people more control over their data – such as the right to access, delete, or amend information a company may have on them.


Gif cycling through the stages of the onetrust platform workflow builder


To respond to these requests and build more trust between businesses and their customers and employees, organizations need to understand what data they have and where it is stored, taking into account the multiple cloud and on-premises systems they may be using. The OneTrust and Privacy Management for Microsoft 365 integration will allow organizations to automatically request personal information held on Microsoft systems via the OneTrust DSAR module.

When a data subject submits an access request via OneTrust, pre-built workflows will automatically submit an equal request through the Microsoft integration. This will create a ticket in the Microsoft 365 compliance center to find and deliver all personal information relating to the requester held in Microsoft 365. While the request is processing, privacy admins can monitor its status in the OneTrust DSAR tool and once the request is complete, consumer files can be pulled back from the Microsoft environment into the OneTrust DSAR module.

A key benefit of using OneTrust for DSAR automation is the ability to pull information from Microsoft 365 and over 500+ other system integrations available in the OneTrust platform. The information found within Microsoft 365 systems can then be reviewed and compiled with similar files found across non-Microsoft systems. OneTrust then automatically redacts sensitive and confidential data that should not be included in your response before sharing this information with the requester via OneTrust’s secure messaging portal.

Request a demo to see how this integration, and OneTrust’s wider suite of privacy compliance software, can help your organization automate its privacy program today.

You may also like


Responsible AI

Unpacking the EU AI Act

Prepare your business for EU AI Act and other AI regulations with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Learn more


Privacy Management

Unpacking the EU-US DPF

In this webinar, we cover the new EU-US Data Privacy Framework (EU-US DPF) and what privacy program managers need to know for post-Schrems II data transfers.

June 28, 2023

Learn more


Privacy Management

New states, new dates: Preparing for Indiana, Montana, Tennessee and Florida state privacy laws

Join our expert panel where we examine upcoming privacy legislation in Indiana, Montana, Tennessee, and Florida and the key requirements of each law.

June 20, 2023

Learn more