Privacy Management

What you need to know about the EU-US DPF

What is the EU-US Data Privacy Framework all about? And how does it affect my organization? Read the blog to learn more.

Param Gopalasamy

April 12, 2024 8 min read

Privacy Management

What you need to know about the EU-US DPF

What is the EU-US Data Privacy Framework all about? And how does it affect my organization? Read the blog to learn more.

Param Gopalasamy

April 12, 2024 8 min read

Privacy Management

Is the draft American Privacy Rights Act set to become federal privacy law in the US?

The American Privacy Rights Act (APRA) is the latest attempt at passing a federal privacy law. The bipartisan bill aims to introduce a consistent standard for privacy and security across the US.

Alexis Kateifides

April 10, 2024 5 min read

Privacy Management

Is the draft American Privacy Rights Act set to become federal privacy law in the US?

The American Privacy Rights Act (APRA) is the latest attempt at passing a federal privacy law. The bipartisan bill aims to introduce a consistent standard for privacy and security across the US.

Alexis Kateifides

April 10, 2024 5 min read

Privacy Management

Kentucky Consumer Privacy Act joins US privacy landscape

The Kentucky Consumer Privacy Act became the third comprehensive state privacy law to pass in 2024 when it was signed by the Governor of Kentucky on April 4, 2024.

April 08, 2024 5 min read

Privacy Management

Kentucky Consumer Privacy Act joins US privacy landscape

The Kentucky Consumer Privacy Act became the third comprehensive state privacy law to pass in 2024 when it was signed by the Governor of Kentucky on April 4, 2024.

April 08, 2024 5 min read

Gestion de la protection des données personnelles

OneTrust met en place des expériences personnalisées et respectueuses de la vie privée grâce à Adobe

Adobe et OneTrust ont lancé un partenariat visant à offrir aux entreprises une personnalisation à grande échelle respectueuse de la vie privée. 

avril 03, 2024 5 min read

Gestion de la protection des données personnelles

OneTrust met en place des expériences personnalisées et respectueuses de la vie privée grâce à Adobe

Adobe et OneTrust ont lancé un partenariat visant à offrir aux entreprises une personnalisation à grande échelle respectueuse de la vie privée. 

avril 03, 2024 5 min read

Privacy Management

The Digital Markets Act is live: Now what?

The Digital Markets Act (DMA) went live on March 6, 2024. What does it mean for your organization? Read more to find out.

Param Gopalasamy

March 25, 2024 6 min read

Privacy Management

The Digital Markets Act is live: Now what?

The Digital Markets Act (DMA) went live on March 6, 2024. What does it mean for your organization? Read more to find out.

Param Gopalasamy

March 25, 2024 6 min read

Privacy Management

OneTrust powers privacy-first, personalized experiences with Adobe real-time customer data platform

Adobe and OneTrust have launched a partnership to bring privacy-first personalization at scale to businesses across all industries. Read our blog to learn more.

Param Gopalasamy

March 21, 2024 5 min read

Privacy Management

OneTrust powers privacy-first, personalized experiences with Adobe real-time customer data platform

Adobe and OneTrust have launched a partnership to bring privacy-first personalization at scale to businesses across all industries. Read our blog to learn more.

Param Gopalasamy

March 21, 2024 5 min read

Consent & Preferences

IAB TCF 2.2: What you need to know

IAB Europe updated their Transparency and Consent Framework to improve data privacy for users around how organizations collect and process data

Ryan Karlin

March 19, 2024 4 min read

Consent & Preferences

IAB TCF 2.2: What you need to know

IAB Europe updated their Transparency and Consent Framework to improve data privacy for users around how organizations collect and process data

Ryan Karlin

March 19, 2024 4 min read

GRC & Security Assurance

7 mythes sur la conformité à SOC 2

Comprenez ce dont votre entreprise a besoin pour se conformer à la norme SOC 2 et protéger les données de vos clients. 

mars 18, 2024

GRC & Security Assurance

7 mythes sur la conformité à SOC 2

Comprenez ce dont votre entreprise a besoin pour se conformer à la norme SOC 2 et protéger les données de vos clients. 

mars 18, 2024

Privacy Management

Executive Order on Sensitive Data: What does it mean?

Explore the impact of President Biden's Executive Order on your business's handling of sensitive data, from biometric to financial information.

Alexis Kateifides

March 14, 2024 5 min read

Privacy Management

Responsible use in the data lifecycle: Data collection

When building customer trust, handling personal data responsibly must be considered throughout the data lifecycle. At the point of collection this means placing transparency and choice at the forefront. Read part one of this blog series to learn more.

Robb Taylor-Hiscock

March 14, 2024 7 min read

Privacy Management

Executive Order on Sensitive Data: What does it mean?

Explore the impact of President Biden's Executive Order on your business's handling of sensitive data, from biometric to financial information.

Alexis Kateifides

March 14, 2024 5 min read

Privacy Management

Responsible use in the data lifecycle: Data collection

When building customer trust, handling personal data responsibly must be considered throughout the data lifecycle. At the point of collection this means placing transparency and choice at the forefront. Read part one of this blog series to learn more.

Robb Taylor-Hiscock

March 14, 2024 7 min read

Consentement et préférences utilisateur

Le Digital Markets Act est entré en vigueur : et maintenant ?

Découvrez ce que le digital Markets Act (DMA) signifie pour votre entreprise, son impact et la solution pour s'y conformer. 

mars 11, 2024

Consentement et préférences utilisateur

Le Digital Markets Act est entré en vigueur : et maintenant ?

Découvrez ce que le digital Markets Act (DMA) signifie pour votre entreprise, son impact et la solution pour s'y conformer. 

mars 11, 2024

Privacy Management

New Hampshire becomes latest state to pass a comprehensive privacy act in 2024

Following signature from the Governor of New Hampshire, Senate Bill 255 has passed into law; effective January 1, 2025

Alexis Kateifides

March 07, 2024 5 min read

Privacy Management

New Hampshire becomes latest state to pass a comprehensive privacy act in 2024

Following signature from the Governor of New Hampshire, Senate Bill 255 has passed into law; effective January 1, 2025

Alexis Kateifides

March 07, 2024 5 min read

Technology Risk & Compliance

Applying NIST CSF 2.0: Risk management vs. maturity assessments

Determine the best way to apply the NIST Cybersecurity Framework in your organization to help manage cyber risks and threats.

Katrina Dalao

March 06, 2024 4 min read

Technology Risk & Compliance

Applying NIST CSF 2.0: Risk management vs. maturity assessments

Determine the best way to apply the NIST Cybersecurity Framework in your organization to help manage cyber risks and threats.

Katrina Dalao

March 06, 2024 4 min read

Consentement et préférences utilisateur

Comment OneTrust s'intègre à Google Consent Mode V2

Grâce à l'intégration de Google Consent Mode, OneTrust facilite les étapes importantes de la mise en œuvre pour une installation plus aisée.

mars 06, 2024 3 min read

Consentement et préférences utilisateur

Comment OneTrust s'intègre à Google Consent Mode V2

Grâce à l'intégration de Google Consent Mode, OneTrust facilite les étapes importantes de la mise en œuvre pour une installation plus aisée.

mars 06, 2024 3 min read

AI Governance

Utah passes AI bill

Learn more about the Utah AI bill and where it sits in the regulation landscape.

Lauren Diethelm

March 05, 2024 3 min read

AI Governance

Utah passes AI bill

Learn more about the Utah AI bill and where it sits in the regulation landscape.

Lauren Diethelm

March 05, 2024 3 min read

Gestion des risques tiers

IA & risques tiers : Une approche complète de l'évaluation des fournisseurs

Risques tiers liés à l'IA - Comment rester en contrôle ? Découvrez notre approche complète pour l'évaluation de vos fournisseurs

mars 04, 2024 4 min read

Gestion des risques tiers

IA & risques tiers : Une approche complète de l'évaluation des fournisseurs

Risques tiers liés à l'IA - Comment rester en contrôle ? Découvrez notre approche complète pour l'évaluation de vos fournisseurs

mars 04, 2024 4 min read

IA - Gouvernance

Comprendre les niveaux de risque de l'IA Act

Le projet de loi de l'UE sur l'IA définit quatre catégories de risques pour l'utilisation des systèmes d'IA. Découvrez chacune de ces catégories et l'impact qu'elles peuvent avoir sur l'utilisation de l'IA dans votre entreprise.

mars 01, 2024 5 min read

IA - Gouvernance

Comprendre les niveaux de risque de l'IA Act

Le projet de loi de l'UE sur l'IA définit quatre catégories de risques pour l'utilisation des systèmes d'IA. Découvrez chacune de ces catégories et l'impact qu'elles peuvent avoir sur l'utilisation de l'IA dans votre entreprise.

mars 01, 2024 5 min read

GRC & Security Assurance

7 myths about SOC 2 compliance

Understand what your company needs to achieve SOC 2 compliance and protect customer data. Read more about the seven myths about SOC 2 compliance.

Katrina Dalao

February 27, 2024 4 min read

GRC & Security Assurance

7 myths about SOC 2 compliance

Understand what your company needs to achieve SOC 2 compliance and protect customer data. Read more about the seven myths about SOC 2 compliance.

Katrina Dalao

February 27, 2024 4 min read

AI Governance

6 takeaways from recent FTC rulings and what they mean for your AI governance program

Explore five key takeaways from recent FTC rulings on AI governance and discover their implications for providers and deployers of AI systems.

Lauren Diethelm

February 21, 2024 4 min read

AI Governance

6 takeaways from recent FTC rulings and what they mean for your AI governance program

Explore five key takeaways from recent FTC rulings on AI governance and discover their implications for providers and deployers of AI systems.

Lauren Diethelm

February 21, 2024 4 min read

Ethics Program Management

Should your code of conduct be public-facing?

While it may sound counterintuitive, making a company code of conduct public-facing has many benefits. See the business case for doing so.

Noshin Khan

February 20, 2024 6 min read

Ethics Program Management

Should your code of conduct be public-facing?

While it may sound counterintuitive, making a company code of conduct public-facing has many benefits. See the business case for doing so.

Noshin Khan

February 20, 2024 6 min read

Responsible AI

The importance of responsible AI use in data discovery

Learn more about the challenges AI usage presents to your data discovery process and how you can address them.

February 14, 2024 6 min read

Responsible AI

The importance of responsible AI use in data discovery

Learn more about the challenges AI usage presents to your data discovery process and how you can address them.

February 14, 2024 6 min read

Responsible AI

Biden-Harris administration announces first consortium dedicated to AI safety

Learn more about the AI safety consortium set forth by the Biden-Harris administration

Lauren Diethelm

February 13, 2024 2 min read

Responsible AI

Biden-Harris administration announces first consortium dedicated to AI safety

Learn more about the AI safety consortium set forth by the Biden-Harris administration

Lauren Diethelm

February 13, 2024 2 min read

Third-Party Risk

Third-Party AI Risk: A Holistic Approach to Vendor Assessment

Assessing third-party risk for AI vendors is critical to AI governance, but you don’t have to start your assessment process from scratch. Learn more about taking a holistic approach to vendor assessments for AI.

Marco Barone

February 06, 2024 4 min read

Third-Party Risk

Third-Party AI Risk: A Holistic Approach to Vendor Assessment

Assessing third-party risk for AI vendors is critical to AI governance, but you don’t have to start your assessment process from scratch. Learn more about taking a holistic approach to vendor assessments for AI.

Marco Barone

February 06, 2024 4 min read

Privacy Management

Take your privacy program from a compliance initiative to a customer trust imperative

The OneTrust Data Privacy Maturity Model defines four clear stages of program maturity that will help you to go beyond compliance and start building customer trust

Ojas Rege

February 05, 2024 6 min read

Privacy Management

Take your privacy program from a compliance initiative to a customer trust imperative

The OneTrust Data Privacy Maturity Model defines four clear stages of program maturity that will help you to go beyond compliance and start building customer trust

Ojas Rege

February 05, 2024 6 min read

Ethics Program Management

How does silo mentality impact organizational culture and risk?

Is your organization more siloed than you’d like it to be? Learn the pitfalls of teams working in isolation and how to overcome collaboration barriers.

Noshin Khan

February 01, 2024 5 min read

Ethics Program Management

How does silo mentality impact organizational culture and risk?

Is your organization more siloed than you’d like it to be? Learn the pitfalls of teams working in isolation and how to overcome collaboration barriers.

Noshin Khan

February 01, 2024 5 min read

Privacy & Data Governance

Your guide to celebrating Data Privacy Day

January 28 is Data Privacy Day, the international day to empower people and businesses to respect privacy and build trust.

Robb Taylor-Hiscock

January 24, 2024 6 min read

Privacy & Data Governance

Your guide to celebrating Data Privacy Day

Each year, Data Privacy Day represents a moment for organizations and individuals to educate themselves and those around them about privacy. This is your guide to celebrate it.

Robb Taylor-Hiscock

January 24, 2024 6 min read

Privacy & Data Governance

OneTrust and Snowflake Horizon: Integrated solutions for data access and governance

Ensuring the right people have the right access bolsters security for all.

Jason Koestenblatt

January 24, 2024 3 min read

Privacy & Data Governance

OneTrust and Snowflake Horizon: Integrated solutions for data access and governance

Ensuring the right people have the right access bolsters security for all.

Jason Koestenblatt

January 24, 2024 3 min read

Technology Risk & Compliance

Are you ready for PCI DSS v4.0? Countdown to compliance

Make sure your organization is ready for PCI DSS v4.0 with these simple action steps that help fast-track the path to compliance.

January 23, 2024 7 min read

Technology Risk & Compliance

Are you ready for PCI DSS v4.0? Countdown to compliance

Make sure your organization is ready for PCI DSS v4.0 with these simple action steps that help fast-track the path to compliance.

January 23, 2024 7 min read

Consent & Preferences

What you need to know about Google's third-party cookie deprecation

No more cookies? Oh wait, no - it’s no more third-party cookies. What’s that all about? Learn more about what Google’s latest decision means for you.

Param Gopalasamy

January 22, 2024 5 min read

Consent & Preferences

What you need to know about Google's third-party cookie deprecation

No more cookies? Oh wait, no - it’s no more third-party cookies. What’s that all about? Learn more about what Google’s latest decision means for you.

Param Gopalasamy

January 22, 2024 5 min read

Privacy Management

New Jersey passes comprehensive privacy law

On January 16th, New Jersey signed their privacy bill into law, marking the first state to pass a comprehensive privacy law in 2024. Learn more about what this means for your organization and how you can comply.

Alexis Kateifides

January 18, 2024 5 min read

Privacy Management

New Jersey passes comprehensive privacy law

On January 16th, New Jersey signed their privacy bill into law, marking the first state to pass a comprehensive privacy law in 2024. Learn more about what this means for your organization and how you can comply.

Alexis Kateifides

January 18, 2024 5 min read

Third-Party Due Diligence

What is the DOJ’s Safe Harbor Policy?

The DOJ announced the Safe Harbor Policy in October 2023. What does the policy mean for companies and compliance teams undergoing a merger or acquisition?

Hannah Middleton

January 16, 2024 3 min read

Third-Party Due Diligence

What is the DOJ’s Safe Harbor Policy?

The DOJ announced the Safe Harbor Policy in October 2023. What does the policy mean for companies and compliance teams undergoing a merger or acquisition?

Hannah Middleton

January 16, 2024 3 min read

Data Discovery & Classification

Modern-day manufacturing: A process built on data governance

Learn how data governance in manufacturing helps establish best practices for managing data across your supply chain, from initial order placement to final delivery.

Katrina Dalao

January 09, 2024 8 min read

Data Discovery & Classification

Modern-day manufacturing: A process built on data governance

Learn how data governance in manufacturing helps establish best practices for managing data across your supply chain, from initial order placement to final delivery.

Katrina Dalao

January 09, 2024 8 min read

IA responsable

Ce que vous devez savoir sur les évaluations de conformité dans le cadre l’IA Act

Le projet de loi de l’UE sur l’IA adopte une approche de précaution, basée sur les risques en matière d’IA et, pour ce faire, a défini quatre catégories de risques différentes dans lesquelles les systèmes d’IA peuvent être classés. 

janvier 04, 2024

IA - Gouvernance

Ce que le Code de conduite du G7 signifie pour votre entreprise

Les systèmes d’IA avancés deviennent monnaie courante, annonçant des avancées potentielles et, à l’inverse, des risques. Reconnaissant l’immense impact de l’IA, le Code du G7 est le dernier d’une série de développements récents et à venir concernant les orientations autour de l’IA.  

janvier 04, 2024

Privacy & Data Governance

Eclairage sur l’analyse d’impact relative à la protection des données (AIPD)

L’analyse d’impact relative à la protection des données est un mécanisme de conformité. La méthodologie de réalisation, l’application concrète, les risques liés à la non réalisation d’une AIPD ou encore les outils qui aident à sa mise en œuvre nécessitent une compréhension du contexte juridique pour être conforme au RGPD.

janvier 04, 2024

GRC & Security Assurance

Gestion des risques IT et des risques tiers Retour d’expérience

Gestion des risques IT et des risques tiers avec la plateforme OneTrust : découvrez le témoignage du CISO d’Ubble –  Jérôme Raybaud !

janvier 04, 2024

Devoir de vigilance sur les tiers

Contrôle de conformité : L’art de la due diligence renforcée pour les tiers

Examinons de plus près ce qu’implique une diligence raisonnable renforcée et pourquoi elle est si importante pour protéger votre organisation et créer une solide culture d’éthique et de conformité. 

janvier 04, 2024

IA responsable

Ce que vous devez savoir sur les évaluations de conformité dans le cadre l’IA Act

Le projet de loi de l’UE sur l’IA adopte une approche de précaution, basée sur les risques en matière d’IA et, pour ce faire, a défini quatre catégories de risques différentes dans lesquelles les systèmes d’IA peuvent être classés. 

janvier 04, 2024

GRC & Security Assurance

Automatisation des certification ISO 27001, NIS2...

OneTrust Certification Automation vous aide à mettre en place, à développer et à automatiser votre programme de conformité InfoSec (ISO 27001, NIS2…).

janvier 03, 2024

GRC & Security Assurance

Agir en matière de cybersécurité basée sur la confiance, de l’individu à l’entreprise

Face à l’augmentation des ransomwares et des incidents de sécurité,  tisser un tissu de confiance au sein de votre organisation est une opportunité de différenciation commerciale. 

janvier 03, 2024

Consent & Preferences

The ultimate guide to consent and preferences in the healthcare sector

Consent management in the healthcare sector is more important than ever, with sensitive personal data from patients at stake. Learn how your organization can build patient trust through consent and preferences.

Param Gopalasamy

December 28, 2023 13 min read

Consent & Preferences

The ultimate guide to consent and preferences in the healthcare sector

Consent management in the healthcare sector is more important than ever, with sensitive personal data from patients at stake. Learn how your organization can build patient trust through consent and preferences.

Param Gopalasamy

December 28, 2023 13 min read

Devoir de vigilance sur les tiers

OneTrust s’associe à Dow Jones Risk & Compliance pour une diligence raisonnable des tiers basée sur les données

Nous sommes ravis d’annoncer le partenariat entre Dow Jones Risk & Compliance et OneTrust Third-Party Due Diligence. 

décembre 28, 2023

Consent & Preferences

Unify consented data to power your tech stack

What does a consent management system do for your tech stack? And why is it necessary? 

December 27, 2023 7 min read

Consent & Preferences

Unify consented data to power your tech stack

What does a consent management system do for your tech stack? And why is it necessary? Read the blog to learn more.

December 27, 2023 7 min read

Consent & Preferences

The ICO's stance on user privacy and website compliance

The UK’s ICO recently announced that enforcement actions will be coming soon for large websites that aren’t adhering to their consent guidelines. What does this mean for your business?

Param Gopalasamy

December 14, 2023 5 min read

Consent & Preferences

The ICO's stance on user privacy and website compliance

The UK’s ICO recently announced that enforcement actions will be coming soon for large websites that aren’t adhering to their consent guidelines. What does this mean for your business?

Param Gopalasamy

December 14, 2023 5 min read

Trust Intelligence

Trending Toward Trust in 2024: Measurement, management, and maturity

Explore 'Trending Toward Trust in 2024', OneTrust's latest report, offering key insights into measurement, management, and maturity of organizational trust. 

Robb Taylor-Hiscock

December 11, 2023 4 min read

Trust Intelligence

Trending Toward Trust in 2024: Measurement, management, and maturity

Explore 'Trending Toward Trust in 2024', OneTrust's latest report, offering key insights into measurement, management, and maturity of organizational trust. 

Robb Taylor-Hiscock

December 11, 2023 4 min read

Technology Risk & Compliance

OneTrust prioritizes innovation to make trust a differentiator

Forrester recognizes OneTrust is on the path to become a holistic GRC solution.

December 11, 2023 3 min read

Technology Risk & Compliance

OneTrust prioritizes innovation to make trust a differentiator

Forrester recognizes OneTrust is on the path to become a holistic GRC solution.

December 11, 2023 3 min read

Consent & Preferences

How OneTrust integrates with Google Consent Mode

How OneTrust's integration with Google Consent Mode facilitates easier setup

Ashlea Cartee, Product Marketing Manager, Consent & Preferences, OneTrust

December 07, 2023 3 min read

Consent & Preferences

How OneTrust integrates with Google Consent Mode

Now with OneTrust's integration of Google Consent Mode, OneTrust facilitates important implementation steps for easier setup.

Ashlea Cartee, Product Marketing Manager, Consent & Preferences, OneTrust

December 07, 2023 3 min read

Responsible AI

Where does AI fit in the security team’s processes?

Learn about the new tools that are transforming the security landscape and enabling ways to safeguard against evolving threats.

Tim Mullen and Julian Head

December 06, 2023 6 min read

Responsible AI

Where does AI fit in the security team’s processes?

Learn about the new tools that are transforming the security landscape and enabling ways to safeguard against evolving threats.

Tim Mullen and Julian Head

December 06, 2023 6 min read

Data Discovery & Security

Data governance in retail: Protecting privacy while driving profits

Learn how to build a data governance program that protects and secures your retail company and builds customer loyalty in the long run.

Katrina Dalao

December 05, 2023 6 min read

Data Discovery & Security

Collibra + OneTrust: Better together | Blog | OneTrust

Learn how OneTrust's collaboration with OneTrust can expand trust and compliance across your entire data landscape.

Ojas Rege

December 05, 2023 2 min read

Data Discovery & Security

Collibra + OneTrust: Better together | Blog | OneTrust

Learn how OneTrust's collaboration with OneTrust can expand trust and compliance across your entire data landscape.

Ojas Rege

December 05, 2023 2 min read

Data Discovery & Security

Data governance in retail: Protecting privacy while driving profits

Learn how to build a data governance program that protects and secures your retail company and builds customer loyalty in the long run.

Katrina Dalao

December 05, 2023 6 min read

AI Governance

Establishing an AI governance committee: An inside look at OneTrust’s process

Diverse AI governance committees are key to helping organizations mitigate risk and use AI responsibly. Learn more about what goes into establishing an AI governance committee.

Adomas Siudika

November 30, 2023 7 min read

AI Governance

Establishing an AI governance committee: An inside look at OneTrust’s process

Diverse AI governance committees are key to helping organizations mitigate risk and use AI responsibly. Learn more about what goes into establishing an AI governance committee.

Adomas Siudika

November 30, 2023 7 min read

AI Governance

Understanding the EU AI Act’s risk levels

The draft EU AI Act lays out four risk categories for the use of AI systems. Learn more about each of these categories, and how they might impact the use of AI in your business.

Laurence McNally

November 30, 2023 5 min read

AI Governance

Understanding the EU AI Act’s risk levels

The draft EU AI Act lays out four risk categories for the use of AI systems. Learn more about each of these categories, and how they might impact the use of AI in your business.

Laurence McNally

November 30, 2023 5 min read

Internal Audit Management

SOC 2 compliance checklist: 8 steps to prepare your organization

Find the right SOC 2 compliance software that provides the features that best serve your business.

November 28, 2023 7 min read

Internal Audit Management

SOC 2 compliance checklist: 8 steps to prepare your organization

Find the right SOC 2 compliance software that provides the features that best serve your business.

November 28, 2023 7 min read

Responsible AI

UK AI Bill introduced in House of Lords

On November 23, 2023, UK Parliament introduced the Artificial Intelligence (Regulation) Bill to the House of Lords. Read on to learn more.

Robb Hiscock

November 27, 2023 4 min read

Responsible AI

UK AI Bill introduced in House of Lords

On November 23, 2023, UK Parliament introduced the Artificial Intelligence (Regulation) Bill to the House of Lords. Read on to learn more.

Robb Hiscock

November 27, 2023 4 min read

Responsible AI

What you need to know about conformity assessments under the EU AI Act

Providers of high-risk AI systems have to meet Conformity Assessment requirements under the EU AI Act before their system can be put on the market. Read the blog to learn more.

Lauren Diethelm

November 20, 2023 4 min read

Responsible AI

What you need to know about conformity assessments under the EU AI Act

Providers of high-risk AI systems have to meet Conformity Assessment requirements under the EU AI Act before their system can be put on the market. Read the blog to learn more.

Lauren Diethelm

November 20, 2023 4 min read

Third-Party Due Diligence

Compliance check: The art of enhanced due diligence for third parties

Learn how to apply enhanced due diligence to third parties when thorough scrutiny is needed to preserve your company’s values and ensure compliance with laws and regulations. 

Jisha Dymond

November 16, 2023 5 min read

Third-Party Due Diligence

Compliance check: The art of enhanced due diligence for third parties

Learn how to apply enhanced due diligence to third parties when thorough scrutiny is needed to preserve your company’s values and ensure compliance with laws and regulations. 

Jisha Dymond

November 16, 2023 5 min read

AI Governance

What is an AI inventory, and why do you need one?

When starting an AI governance program, one of the first and most important steps is setting up an AI inventory. Learn more about why inventories matter, and how you can create one.

Bex Evans

November 15, 2023 3 min read

AI Governance

What is an AI inventory, and why do you need one?

When starting an AI governance program, one of the first and most important steps is setting up an AI inventory. Learn more about why inventories matter, and how you can create one.

Bex Evans

November 15, 2023 3 min read

ESG Program Management

Understanding new SEC ESG disclosure requirements

The SEC ESG disclosures ensure that financial institutions in the US report on the environmental impact of their investments. Read the blog to learn more.

Param Gopalasamy

November 14, 2023 5 min read

ESG Program Management

Understanding new SEC ESG disclosure requirements

The SEC ESG disclosures ensure that financial institutions in the US report on the environmental impact of their investments. Read the blog to learn more.

Param Gopalasamy

November 14, 2023 5 min read

ESG Program Management

Getting to know the Task Force on Climate-related Financial Disclosures (TCFD)

A primer on the TCFD framework—what it is, why it matters, and how it’s being adopted around the world

Param Gopalasamy

November 13, 2023 5 min read

ESG Program Management

Getting to know the Task Force on Climate-related Financial Disclosures (TCFD)

A primer on the TCFD framework—what it is, why it matters, and how it’s being adopted around the world

Param Gopalasamy

November 13, 2023 5 min read

AI Governance

Navigating the EU AI Act

Parliament has endorsed the EU AI Act, setting the standard for safeguarding fundamental human rights while still protecting human rights. Learn more about the details of the EU AI Act and how it impacts your business.

Param Gopalasamy

November 13, 2023 13 min read

AI Governance

Navigating the EU AI Act

Parliament has endorsed the EU AI Act, setting the standard for safeguarding fundamental human rights while still protecting human rights. Learn more about the details of the EU AI Act and how it impacts your business.

Param Gopalasamy

November 13, 2023 13 min read

Consent & Preferences

A new era of behavioral advertising?

With recent enforcement decisions from authoritative bodies in Europe, organizations need to take a look at how they view consent for behavioral advertising. 

Param Gopalasamy

November 08, 2023 4 min read

Consent & Preferences

A new era of behavioral advertising?

With recent enforcement decisions from authoritative bodies in Europe, organizations need to take a look at how they view consent for behavioral advertising. 

Param Gopalasamy

November 08, 2023 4 min read

Third-Party Risk

Are your third parties a privacy compliance liability?

What role do third parties play in your privacy compliance efforts? Learn how the two functions overlap and ways to keep data secure across your supply chain.

Katrina Dalao

November 07, 2023 10 min read

Third-Party Risk

Are your third parties a privacy compliance liability?

What role do third parties play in your privacy compliance efforts? Learn how the two functions overlap and ways to keep data secure across your supply chain.

Katrina Dalao

November 07, 2023 10 min read

AI Governance

What you need to know about… Generative AI

Ever heard of generative AI? Of course you have. We all have. The next time it comes up in conversation, this blog will help you appear intelligible on the topic. You’re welcome.

Param Gopalasamy

November 03, 2023 10 min read

AI Governance

What you need to know about… Generative AI

Ever heard of generative AI? Of course you have. We all have. The next time it comes up in conversation, this blog will help you appear intelligible on the topic. You’re welcome.

Param Gopalasamy

November 03, 2023 10 min read

Privacy Management

What the G7 Code of Conduct means for your business

Recognizing the immense impact of AI, the G7’s Code is the latest in a series of recent and upcoming developments concerning guidance around AI. 

Param Gopalasamy

October 31, 2023 4 min read

Privacy Management

What the G7 Code of Conduct means for your business

Recognizing the immense impact of AI, the G7’s Code is the latest in a series of recent and upcoming developments concerning guidance around AI. 

Param Gopalasamy

October 31, 2023 4 min read

Responsible AI

President Biden issues Executive Order on Safe, Secure, and Trustworthy AI

On October 30, the Biden-Harris administration issued an Executive Order on Safe, Secure, and Trustworthy AI. Read the blog to learn more. 

Lauren Diethelm

October 31, 2023 6 min read

Data Discovery & Security

Data is the new currency: How to protect financial services information

The heavily-regulated financial services industry requires a thoughtful process for governing data.

Jason Koestenblatt

October 13, 2023 5 min read

Data Discovery & Security

Data is the new currency: How to protect financial services information

The heavily-regulated financial services industry requires a thoughtful process for governing data.

Jason Koestenblatt

October 13, 2023 5 min read

Third-Party Risk

Trust talks: Actioning trust-based cybersecurity from individual to enterprise

Security teams can help create and champion organizational trust despite interdepartmental silos

Jason Koestenblatt

October 09, 2023 4 min read

GRC & Security Assurance

Digital transformation and the evolving cybersecurity landscape

As the technological landscape continues to evolve, teams are seeing increases in compliance obligations, regulations, and the proliferation of cloud technology.

Scott Solomon

October 09, 2023 3 min read

Third-Party Risk

Trust talks: Actioning trust-based cybersecurity from individual to enterprise

Security teams can help create and champion organizational trust despite interdepartmental silos

Jason Koestenblatt

October 09, 2023 4 min read

GRC & Security Assurance

Digital transformation and the evolving cybersecurity landscape

As the technological landscape continues to evolve, teams are seeing increases in compliance obligations, regulations, and the proliferation of cloud technology.

Scott Solomon

October 09, 2023 3 min read

Data Discovery & Security

Data governance principles: 4 best practices

Discovery and classification are necessary in data governance, but clarity and accountability are at the root of collaboration

Sam Curcuruto

October 05, 2023 3 min read

Data Discovery & Security

Data governance principles: 4 best practices

Discovery and classification are necessary in data governance, but clarity and accountability are at the root of collaboration

Sam Curcuruto

October 05, 2023 3 min read

GRC & Security Assurance

Cybersecurity Awareness Month resource hub

The cybersecurity awareness hub pulls resources from our experts on the Security CoE, GRC, Privacy, DataGuidance, and TPRM teams to a central resource.

Jason Koestenblatt, Team Lead, Content Marketing

October 02, 2023 3 min read

GRC & Security Assurance

October is Cybersecurity Awareness Month. So, what?

The Cybersecurity and Infrastructure Security Agency’s (CISA) created cybersecurity awareness month with the intent to educate and promote online safety.

Scott Solomon

October 02, 2023 3 min read

GRC & Security Assurance

Cybersecurity Awareness Month resource hub

The cybersecurity awareness hub pulls resources from our experts on the Security CoE, GRC, Privacy, DataGuidance, and TPRM teams to a central resource.

Jason Koestenblatt, Team Lead, Content Marketing

October 02, 2023 3 min read

GRC & Security Assurance

October is Cybersecurity Awareness Month. So, what?

The Cybersecurity and Infrastructure Security Agency’s (CISA) created cybersecurity awareness month with the intent to educate and promote online safety.

Scott Solomon

October 02, 2023 3 min read

Data Discovery & Security

Data governance builds trust, drives positive healthcare outcomes

Discovering and governing sensitive healthcare data helps professionals focus on treatment.

Sam Curcuruto

September 26, 2023 4 min read

Data Discovery & Security

Data governance builds trust, drives positive healthcare outcomes

Discovering and governing sensitive healthcare data helps professionals focus on treatment.

Sam Curcuruto

September 26, 2023 4 min read

Privacy Management

What the new UK-US Data Bridge means for your organization

Businesses in the UK can now transfer personal data to DPF certified US-based organizations

Marco Barone

September 25, 2023 6 min read

Privacy Management

What the new UK-US Data Bridge means for your organization

Businesses in the UK can now transfer personal data to DPF certified US-based organizations

Marco Barone

September 25, 2023 6 min read

Privacy Management

Exploring the ROI of your privacy program

Learn how investing in a privacy program can have a major impact on your organization's ROI.

Bex Evans

September 20, 2023 11 min read

Privacy Management

Exploring the ROI of your privacy program

Learn how investing in a privacy program can have a major impact on your organization's ROI.

Bex Evans

September 20, 2023 11 min read

AI Governance

Embracing responsible AI: Presenting OneTrust AI Governance

Explore how OneTrust AI Governance addresses the growing challenges of AI governance, ensuring visibility, lifecycle management, and risk mitigation in an ever-evolving landscape.

Riyaz Habibbhai

September 18, 2023 3 min read

GRC & Security Assurance

Making enterprise risk manageable for the CISO

Created internally or externally, organizations are handling tons of data — all of which can impact your risk posture. Learn more about empowering the business with enterprise risk management.

Riyaz Habibbhai

September 18, 2023 3 min read

GRC & Security Assurance

Collect once, comply many: Scale your resources and optimize compliance

Create efficiencies and increase visibility by scoping, monitoring, and communicating your compliance posture.

Riyaz Habibbhai

September 18, 2023 5 min read

GRC & Security Assurance

Collect once, comply many: Scale your resources and optimize compliance

Create efficiencies and increase visibility by scoping, monitoring, and communicating your compliance posture.

Riyaz Habibbhai

September 18, 2023 5 min read

AI Governance

Embracing responsible AI: Presenting OneTrust AI Governance

Explore how OneTrust AI Governance addresses the growing challenges of AI governance, ensuring visibility, lifecycle management, and risk mitigation in an ever-evolving landscape.

Riyaz Habibbhai

September 18, 2023 3 min read

GRC & Security Assurance

Making enterprise risk manageable for the CISO

Created internally or externally, organizations are handling tons of data — all of which can impact your risk posture. Learn more about empowering the business with enterprise risk management.

Riyaz Habibbhai

September 18, 2023 3 min read

Data Discovery & Classification

How to better govern your unstructured data

Learn how data governance can help protect your customers' sensitive data as well as meet the legal and security challenges posed by unstructured data.

Jason Koestenblatt

September 13, 2023 5 min read

Data Discovery & Classification

How to better govern your unstructured data

Learn how data governance can help protect your customers' sensitive data as well as meet the legal and security challenges posed by unstructured data.

Jason Koestenblatt

September 13, 2023 5 min read

Data Discovery & Security

What is data governance?

Learn how to build an effective data governance program and the tools you need to unlock the value of your data.

Jason Koestenblatt

September 06, 2023 5 min read

Data Discovery & Security

What is data governance?

Learn how to build an effective data governance program and the tools you need to unlock the value of your data.

Jason Koestenblatt

September 06, 2023 5 min read

Consent & Preferences

OneTrust integrates with Salesforce to enable trusted data use

Marketers are data-driven and need to capture and process data through different systems, including Salesforce Marketing Cloud and Sales Cloud.

Ashlea Cartee

September 06, 2023 3 min read

Consent & Preferences

OneTrust integrates with Salesforce to enable trusted data use

Marketers are data-driven and need to capture and process data through different systems, including Salesforce Marketing Cloud and Sales Cloud.

Ashlea Cartee

September 06, 2023 3 min read

Consent & Preferences

OneTrust and Snowflake: Manage consent and enable effective data governance

Enabling data teams to better understand where sensitive data lives in the Data Cloud, use data responsibly, and ensure proper consent is granted

Param Gopalasamy

August 31, 2023 5 min read

Consent & Preferences

OneTrust and Snowflake: Manage consent and enable effective data governance

Enabling data teams to better understand where sensitive data lives in the Data Cloud, use data responsibly, and ensure proper consent is granted for personal data access and use

Param Gopalasamy

August 31, 2023 5 min read

Preferencias y consentimiento

OneTrust se integra con Salesforce para habilitar el uso de datos de confianza

Gestiona tu entorno en Salesforce dando prioridad a la privacidad gracias a OneTrust Consent & Preference Management

agosto 29, 2023 4 min read

Speak-Up Program Management

What you need to know about… whistleblowers (and UFOs)

Learn what it means to be a whistleblower and about the global regulations designed to protect them.

Param Gopalasamy

August 22, 2023 7 min read

Speak-Up Program Management

What you need to know about… whistleblowers (and UFOs)

Learn what it means to be a whistleblower and about the global regulations designed to protect them.

Param Gopalasamy

August 22, 2023 7 min read

Consent & Preferences

Navigating TCF 2.2 and Google’s consent management platform requirements

Learn how TCF 2.2 affects Google's consent management platform's (CMP) requirements and what you need to know to achieve compliance.

August 11, 2023 6 min read

Consent & Preferences

Navigating TCF 2.2 and Google’s consent management platform requirements

Learn how TCF 2.2 affects Google's consent management platform's (CMP) requirements and what you need to know to achieve compliance.

August 11, 2023 6 min read

Privacy Management

India passes Digital Personal Data Protection Bill

On August 9, 2023, the Digital Personal Data Protection Bill was passed through the Upper House of Parliament in India. Here’s what you need to know about the Bill.

Robb Hiscock

August 11, 2023 6 min read

Privacy Management

India passes Digital Personal Data Protection Bill

On August 9, 2023, the Digital Personal Data Protection Bill was passed through the Upper House of Parliament in India. Here’s what you need to know about the Bill.

Robb Hiscock

August 11, 2023 6 min read

Internal Audit Management

What is NIST CSF? Everything you need to know

Learn about the NIST CSF and explore how this cybersecurity framework may benefit your organization.

Katrina Dalao

August 10, 2023 7 min read

Internal Audit Management

What is NIST CSF? Everything you need to know

Learn about the NIST CSF and explore how this cybersecurity framework may benefit your organization.

Katrina Dalao

August 10, 2023 7 min read

Internal Audit Management

What’s the difference between NIST 800-53 vs. NIST 800-171?

Understand which cybersecurity framework applies to your organization

Katrina Dalao

August 08, 2023 9 min read

Internal Audit Management

What’s the difference between NIST 800-53 vs. NIST 800-171?

Understand which cybersecurity framework applies to your organization

Katrina Dalao

August 08, 2023 9 min read

ESG Program Management

What is the EU Digital Rights and Principles Directive?

Learn the key points of the EU Digital Rights and Principles Directive and what best practices to consider when achieving compliance.

Param Gopalasamy

August 04, 2023 5 min read

ESG Program Management

What is the EU Digital Rights and Principles Directive?

Learn the key points of the EU Digital Rights and Principles Directive and what best practices to consider when achieving compliance.

Param Gopalasamy

August 04, 2023 5 min read

Internal Audit Management

PCI DSS 4.0: Your questions answered

Prepare your organization for PCI DSS 4.0 with these resources from audit and security professionals.

August 02, 2023 8 min read

Internal Audit Management

PCI DSS 4.0: Your questions answered

Prepare your organization for PCI DSS 4.0 with these resources from audit and security professionals.

August 02, 2023 8 min read

ESG Program Management

What is the EU Due Diligence Act?

Learn how this directive aims to make EU corporations accountable for their environmental and social impact

Param Gopalasamy

August 02, 2023 5 min read

ESG Program Management

What is the EU Due Diligence Act?

Learn how this directive aims to make EU corporations accountable for their environmental and social impact

Param Gopalasamy

August 02, 2023 5 min read

Privacy Management

A guide to Privacy by Design

The concept of Privacy by Design should be familiar to most privacy professionals but understanding how to implement it can be a different story. 

Robb Hiscock

August 02, 2023 6 min read

Privacy Management

A guide to Privacy by Design

The concept of Privacy by Design should be familiar to most privacy professionals but understanding how to implement it can be a different story. 

Robb Hiscock

August 02, 2023 6 min read

Trust Transformation

Does your organization need a Trust Office?

Instead of ‘business as usual,’ organizations should focus on building trustworthy products through processes and people

Andrew Clearwater

July 25, 2023 6 min read

Trust Transformation

Does your organization need a Trust Office?

Instead of ‘business as usual,’ organizations should focus on building trustworthy products through processes and people

Andrew Clearwater

July 25, 2023 6 min read

Trust Transformation

TrustWeek 2023: Agenda now live

The ultimate conference for privacy, security, marketing, ethics, and ESG professionals comes to life with sessions on AI, IT risk, third party management, and more

July 19, 2023 5 min read

Trust Transformation

TrustWeek 2023: Agenda now live

The ultimate conference for privacy, security, marketing, ethics, and ESG professionals comes to life with sessions on AI, IT risk, third party management, and more

July 19, 2023 5 min read

Consent & Preferences

The ultimate guide to first-party data

Learn the best way to connect with your customers by building a first-party data marketing strategy.

Param Gopalasamy

July 13, 2023 18 min read

AI Governance

Approaching the OECD Framework for the Classification of AI Systems

Artificial Intelligence has the power to unlock benefits for businesses and society. However, it also poses significant risks that can be managed through frameworks such as the OECD’s.

Bex Evans

July 13, 2023 9 min read

AI Governance

Approaching the OECD Framework for the Classification of AI Systems

Artificial Intelligence has the power to unlock benefits for businesses and society. However, it also poses significant risks that can be managed through frameworks such as the OECD’s.

Bex Evans

July 13, 2023 9 min read

Consent & Preferences

The ultimate guide to first-party data

Learn the best way to connect with your customers by building a first-party data marketing strategy.

Param Gopalasamy

July 13, 2023 18 min read

Responsible AI

Unpacking the EU AI Act and its impact on the UK

Prepare your business for EU AI Act and its impact on the UK with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Responsible AI

Unpacking the EU AI Act and its impact on the UK

Prepare your business for EU AI Act and its impact on the UK with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Privacy Management

Delaware becomes twelfth state to pass comprehensive privacy act

The Delaware Personal Data Protection Act is set to become the twelfth privacy act in the US introducing a range of obligations on businesses that operate in the state. 

Robb Hiscock

July 12, 2023 6 min read

Privacy Management

Delaware becomes twelfth state to pass comprehensive privacy act

The Delaware Personal Data Protection Act is set to become the twelfth privacy act in the US introducing a range of obligations on businesses that operate in the state. 

Robb Hiscock

July 12, 2023 6 min read

Privacy & Data Governance

EU-US Data Privacy Framework: A brief history

The EU-US DPF is the latest chapter in a story that has been ongoing for over two decades, but how did we get here?

Robb Hiscock

July 12, 2023 5 min read

Privacy & Data Governance

EU-US Data Privacy Framework: A brief history

The EU-US DPF is the latest chapter in a story that has been ongoing for over two decades, but how did we get here?

Robb Hiscock

July 12, 2023 5 min read

Third-Party Risk

How to start a third-party risk management program: Implement effective processes across your organization

Learn how to implement an effective third-party risk management program that meets your organization's needs.

Katrina Dalao

July 11, 2023 5 min read

Third-Party Risk

How to start a third-party risk management program: Monitor and maintain performance

How to start a third-party risk management program: Monitor and maintain performance

Katrina Dalao

July 11, 2023 5 min read

Third-Party Risk

How to start a third-party risk management program: Get leadership buy-in

Create a TPRM program that addresses your organization’s highest security risks and aligns with strategic objectives

Katrina Dalao

July 11, 2023 5 min read

Third-Party Risk

How to start a third-party risk management program: Implement effective processes across your organization

Learn how to implement an effective third-party risk management program that meets your organization's needs.

Katrina Dalao

July 11, 2023 5 min read

Third-Party Risk

How to start a third-party risk management program: Monitor and maintain performance

How to start a third-party risk management program: Monitor and maintain performance

Katrina Dalao

July 11, 2023 5 min read

Third-Party Risk

How to start a third-party risk management program: Get leadership buy-in

Create a TPRM program that addresses your organization’s highest security risks and aligns with strategic objectives

Katrina Dalao

July 11, 2023 5 min read

Internal Audit Management

What's new in PCI DSS v4.0: How to prepare your organization

Keep your account data safe with the latest payment security standard

Katrina Dalao

July 10, 2023 7 min read

Internal Audit Management

What's new in PCI DSS v4.0: How to prepare your organization

Keep your account data safe with the latest payment security standard

Katrina Dalao

July 10, 2023 7 min read

Privacy Management

European Commission adopts adequacy decision for EU-US Data Privacy Framework

On July 10, 2023, the European Commission adopted its adequacy decision on the EU-US Data Privacy Framework restoring an important data transfer mechanism between the EU and US.

Robb Hiscock

July 10, 2023 7 min read

Privacy Management

European Commission adopts adequacy decision for EU-US Data Privacy Framework

On July 10, 2023, the European Commission adopted its adequacy decision on the EU-US Data Privacy Framework restoring an important data transfer mechanism between the EU and US.

Robb Hiscock

July 10, 2023 7 min read

Privacy Management

US privacy law: When to conduct a Privacy Impact Assessment and what to include

Privacy Impact Assessments are commonplace among most modern privacy laws but understanding your requirements in a patchwork of US state privacy can be challenging.

Robb Hiscock

July 05, 2023 9 min read

Privacy Management

US privacy law: When to conduct a Privacy Impact Assessment and what to include

Privacy Impact Assessments are commonplace among most modern privacy laws but understanding your requirements in a patchwork of US state privacy can be challenging.

Robb Hiscock

July 05, 2023 9 min read

Consent & Preferences

What you need to know about... Data protection in a Black Mirror world

Unraveling Black Mirror's privacy snafus: When science fiction meets reality, but forgets to do its privacy law homework

Param Gopalasamy

June 30, 2023 15 min read

Consent & Preferences

What you need to know about... Data protection in a Black Mirror world

Unraveling Black Mirror's privacy snafus: When science fiction meets reality, but forgets to do its privacy law homework

Param Gopalasamy

June 30, 2023 15 min read

Third-Party Risk

How to start a third-party risk management program: Understand the types of third-party risks

Learn about the different types of third-party risks and how to address each one

Katrina Dalao

June 29, 2023 6 min read

Third-Party Risk

How to start a third-party risk management program: Understand the types of third-party risks

Learn about the different types of third-party risks and how to address each one

Katrina Dalao

June 29, 2023 6 min read

Privacy Management

Oregon passes comprehensive privacy bill. Awaits Governor’s signature

Oregon becomes the 11th state to pass comprehensive privacy law that becomes effective on July 1, 2024

Robb Hiscock

June 28, 2023 6 min read

Privacy Management

Oregon passes comprehensive privacy bill. Awaits Governor’s signature

Oregon becomes the 11th state to pass comprehensive privacy law that becomes effective on July 1, 2024

Robb Hiscock

June 28, 2023 6 min read

Privacy Management

Quebec’s Law 25: What is it and what do you need to know?

Privacy in Quebec has undergone a significant overhaul under Law 25 (previously known as Bill 64). The province will see several new requirements becoming effective in September 2023. 

Robb Hiscock

June 27, 2023 6 min read

Privacy Management

Quebec’s Law 25: What is it and what do you need to know?

Privacy in Quebec has undergone a significant overhaul under Law 25 (previously known as Bill 64). The province will see several new requirements becoming effective in September 2023. 

Robb Hiscock

June 27, 2023 6 min read

Third-Party Due Diligence

The global regulations driving third-party due diligence

We cover the key regulations to know for managing third-party risk

Kelly Maxwell

June 21, 2023 6 min read

Third-Party Due Diligence

The global regulations driving third-party due diligence

We cover the key regulations to know for managing third-party risk

Kelly Maxwell

June 21, 2023 6 min read

Privacy Management

Preparing for new privacy legislation in Canada – Part three

Bill C-27 will introduce the Artificial Intelligence and Data Act to help regulate the responsible use and development of AI in Canada. 

Neil Saddington

June 20, 2023 5 min read

Privacy Management

Preparing for new privacy legislation in Canada – Part three

Bill C-27 will introduce the Artificial Intelligence and Data Act to help regulate the responsible use and development of AI in Canada. 

Neil Saddington

June 20, 2023 5 min read

Data Discovery & Classification

Shifting left: Classifying and managing data sprawl at collection

Learn how to effectively discover and classify data by staring near the point of data collection to avoid data sprawl and inaccuracies.

June 15, 2023 2 min read

What is a PCI DSS self-assessment questionnaire?

Self-assessment questionnaires help evaluate and prove PCI DSS compliance. Find out which SAQ is right for your organization

Katrina Dalao

June 15, 2023 5 min read

Data Discovery & Classification

Shifting left: Classifying and managing data sprawl at collection

Learn how to effectively discover and classify data by staring near the point of data collection to avoid data sprawl and inaccuracies.

June 15, 2023 2 min read

What is a PCI DSS self-assessment questionnaire?

Self-assessment questionnaires help evaluate and prove PCI DSS compliance. Find out which SAQ is right for your organization

Katrina Dalao

June 15, 2023 5 min read

Internal Audit Management

What is PCI DSS?

Learn the basics about PCI DSS, how it applies to your organization, and what you need to prove compliance.

Katrina Dalao

June 14, 2023 7 min read

Internal Audit Management

What is PCI DSS?

Learn the basics about PCI DSS, how it applies to your organization, and what you need to prove compliance.

Katrina Dalao

June 14, 2023 7 min read

Data Discovery & Classification

Discover and connect to all your data in any environment

OneTrust Data Discovery has mass coverage with 200 pre-built connectors, and an open SDK for custom data sources

Sam Curcuruto

June 08, 2023 2 min read

Data Discovery & Classification

Discover and connect to all your data in any environment

OneTrust Data Discovery has mass coverage with 200 pre-built connectors, and an open SDK for custom data sources

Sam Curcuruto

June 08, 2023 2 min read

Privacy & Data Governance

Preparing for new privacy legislation in Canada: Part two

Bill C-27 is set to overhaul privacy law in Canada. Part 2 of the bill proposes a substantial transformation in the enforcement of the CPPA through a new organization.

Neil Saddington

June 06, 2023 5 min read

Privacy & Data Governance

Preparing for new privacy legislation in Canada: Part two

Bill C-27 is set to overhaul privacy law in Canada. Part 2 of the bill proposes a substantial transformation in the enforcement of the CPPA through a new organization.

Neil Saddington

June 06, 2023 5 min read

Consent & Preferences

What you need to know about first-party data

We cover the basics of first-party data and why it's so important in the digital age.

Param Gopalasamy

June 06, 2023 4 min read

Consent & Preferences

What you need to know about first-party data

We cover the basics of first-party data and why it's so important in the digital age.

Param Gopalasamy

June 06, 2023 4 min read

Data Discovery & Classification

How does Microsoft 365 integrate with OneTrust Data Discovery?

Learn how OneTrust Data Discovery integrates with Microsoft 365 to build an all-encompassing, centralized data catalog out of your unstructured data.

Sam Curcuruto

June 02, 2023 3 min read

Data Discovery & Classification

How does Microsoft 365 integrate with OneTrust Data Discovery?

Learn how OneTrust Data Discovery integrates with Microsoft 365 to build an all-encompassing, centralized data catalog out of your unstructured data.

Sam Curcuruto

June 02, 2023 3 min read

Third-Party Risk

HackNotice and OneTrust partner for deeper third-party threat intelligence

OneTrust customers can take advantage of HackNotice’s near real-time breach alerts.

June 01, 2023 3 min read

Third-Party Risk

HackNotice and OneTrust partner for deeper third-party threat intelligence

OneTrust customers can take advantage of HackNotice’s near real-time breach alerts.

June 01, 2023 3 min read

Privacy Management

Assessing your international data transfers post-DPC ruling

The recent decision cast fresh doubt over the effectiveness of transfer safeguards and supplementary measures in conjunction with the practical application of third-country surveillance laws. 

Linda Thielova

June 01, 2023 8 min read

Privacy Management

Assessing your international data transfers post-DPC ruling

The recent decision cast fresh doubt over the effectiveness of transfer safeguards and supplementary measures in conjunction with the practical application of third-country surveillance laws. 

Linda Thielova

June 01, 2023 8 min read

Privacy Management

Florida looks to pass Digital Bill of Rights

The bill now awaits the Governor’s signature, which would allow consumers more visibility into their data that’s been collected by businesses 

Alexis Kateifides

May 31, 2023 5 min read

Privacy Management

Florida looks to pass Digital Bill of Rights

The bill now awaits the Governor’s signature, which would allow consumers more visibility into their data that’s been collected by businesses 

Alexis Kateifides

May 31, 2023 5 min read

Privacy & Data Governance

Google Play Store data requirements (and how to handle them)

The latest updates on Google Play Store app requirements, as well as how OneTrust Mobile App Consent can help your organization stay compliant

Ashlea Cartee

May 31, 2023 7 min read

Privacy & Data Governance

Google Play Store data requirements (and how to handle them)

The latest updates on Google Play Store app requirements, as well as how OneTrust Mobile App Consent can help your organization stay compliant

Ashlea Cartee

May 31, 2023 7 min read

Privacy Management

Data Privacy and Security Act passed in Texas

The Texas Data Privacy and Security Act will become the fifth piece of US privacy legislation to pass this year and, once signed, will become effective on July 1, 2024.

Robb Hiscock

May 31, 2023 6 min read

Privacy Management

Data Privacy and Security Act passed in Texas

The Texas Data Privacy and Security Act will become the fifth piece of US privacy legislation to pass this year and, once signed, will become effective on July 1, 2024.

Robb Hiscock

May 31, 2023 6 min read

Privacy Management

3 priorities for the French DPO: Priority 3 – automate

Automation is key to freeing up valuable time and resources that can then be dedicated to other areas of your compliance program.

Robb Hiscock

May 30, 2023 6 min read

Privacy Management

3 priorities for the French DPO: Priority 3 – automate

Automation is key to freeing up valuable time and resources that can then be dedicated to other areas of your compliance program.

Robb Hiscock

May 30, 2023 6 min read

Data Discovery & Classification

How a data discovery solution keeps your organization secure

Finding and classifying data is just the first step in your discovery and security process

Jason Koestenblatt

May 25, 2023 5 min read

Data Discovery & Classification

How a data discovery solution keeps your organization secure

Finding and classifying data is just the first step in your discovery and security process

Jason Koestenblatt

May 25, 2023 5 min read

Data Discovery & Security

ROT data is a security issue: How are you handling it?

Automating data discovery is the first step in classifying obsolete digital information

Sam Curcuruto

May 23, 2023 3 min read

Privacy Management

Reflecting on 5 years of the GDPR

Look back on five years of the EU’s General Data Protection Regulation with expert views infographics, eBooks, and more

Robb Hiscock

May 23, 2023 5 min read

Data Discovery & Security

ROT data is a security issue: How are you handling it?

Automating data discovery is the first step in classifying obsolete digital information

Sam Curcuruto

May 23, 2023 3 min read

Privacy Management

Reflecting on 5 years of the GDPR

Look back on five years of the EU’s General Data Protection Regulation with expert views infographics, eBooks, and more

Robb Hiscock

May 23, 2023 5 min read

Consent & Preferences

First party data 101: What your marketing team needs to know

Read more to answer frequently asked questions around first-party data and how your organization can take advantage of it

Ashlea Cartee

May 23, 2023 6 min read

Consent & Preferences

First party data 101: What your marketing team needs to know

Read more to answer frequently asked questions around first-party data and how your organization can take advantage of it

Ashlea Cartee

May 23, 2023 6 min read

Inteligencia para la confianza

OneTrust presenta innovaciones para habilitar el uso responsable de los datos y el trust intelligence a gran escala

OneTrust anuncia nuevas innovaciones dentro de su plataforma de Trust Intelligence para ayudar a las empresas a utilizar los datos de forma responsable y desarrollar inteligencia de confianza a escala.

mayo 23, 2023 5 min read

Preferencias y consentimiento

Nuevos requisitos de Google en materia de sistemas de gestión de consentimientos

Google ha anunciado sus últimos requisitos en relación con las plataformas de gestión del consentimiento para organizaciones que utilizan su red para anuncios.

mayo 22, 2023 3 min read

Data Discovery & Classification

Data discovery helps governance teams stay secure

Data governance is needed for organizations to meet compliance requirements

Sam Curcuruto

May 18, 2023 3 min read

Data Discovery & Classification

Data discovery helps governance teams stay secure

Data governance is needed for organizations to meet compliance requirements

Sam Curcuruto

May 18, 2023 3 min read

Responsible AI

Embracing responsible AI: 3 steps to get your organization started

With the latest statement from the White House on responsible AI, it’s clear AI is firmly in the spotlight. Find out how your organization can establish a foundation to address AI risks.

Alexis Kateifides

May 16, 2023 4 min read

Data Discovery & Classification

Why is data minimization important for your security teams?

Unused digital information is an easy target for hackers, increasing your organization’s risk 

May 16, 2023 2 min read

Data Discovery & Classification

Why is data minimization important for your security teams?

Unused digital information is an easy target for hackers, increasing your organization’s risk 

May 16, 2023 2 min read

Consent & Preferences

What the latest Google CMP requirements mean for your organization

Google announced their latest requirements around consent management platforms for organizations that utilize their network for ads

Ryan Karlin

May 16, 2023 3 min read

Responsible AI

Embracing responsible AI: 3 steps to get your organization started

With the latest statement from the White House on responsible AI, it’s clear AI is firmly in the spotlight. Find out how your organization can establish a foundation to address AI risks.

Alexis Kateifides

May 16, 2023 4 min read

Consent & Preferences

What the latest Google CMP requirements mean for your organization

Google announced their latest requirements around consent management platforms for organizations that utilize their network for ads

Ryan Karlin

May 16, 2023 3 min read

Responsible AI

Top 10 AI governance essentials every CPO needs to know in 2023

Learn how to integrate AI governance into your product strategies to achieve responsible AI use

Linda Thielova

May 15, 2023 5 min read

Responsible AI

Top 10 AI governance essentials every CPO needs to know in 2023

Learn how to integrate AI governance into your product strategies to achieve responsible AI use

Linda Thielova

May 15, 2023 5 min read

Einwilligung & Präferenzen

Was die neuesten Google CMP-Anforderungen für Ihr Unternehmen bedeuten

Dieser Blog adressiert die in 2023 in Kraft getretenen Änderungen bei Google Ads, die Unternehmen dazu auffordern, Einwilligungslösungen zu implementieren, die Datenschutz und Personalisierung in Einklang bringen.

Mai 15, 2023 3 min read

Einwilligung & Präferenzen

Was die neuesten Google CMP-Anforderungen für Ihr Unternehmen bedeuten

Dieser Blog adressiert die in 2023 in Kraft getretenen Änderungen bei Google Ads, die Unternehmen dazu auffordern, Einwilligungslösungen zu implementieren, die Datenschutz und Personalisierung in Einklang bringen.

Mai 15, 2023 3 min read

Privacy & Data Governance

OneTrust unveils latest platform innovations to drive responsible data use and business resilience

Enhancements to our Trust Intelligence Platform help organizations unlock the value of trust 

OneTrust Editorial Team

May 12, 2023

Privacy & Data Governance

OneTrust unveils latest platform innovations to drive responsible data use and business resilience

Enhancements to our Trust Intelligence Platform help organizations unlock the value of trust 

OneTrust Editorial Team

May 12, 2023

Ethics & Compliance

‘Culture of compliance’ behind DOJ’s voluntary self-disclosure updates

Is your compliance program ready to do the right thing and step up and own up to misconduct?

Jisha Dymond

May 12, 2023 8 min read

Ethics & Compliance

‘Culture of compliance’ behind DOJ’s voluntary self-disclosure updates

Is your compliance program ready to do the right thing and step up and own up to misconduct?

Jisha Dymond

May 12, 2023 8 min read

GRC & Security Assurance

Data retention policies should be automated to reduce risk

Tooling can create benefits for the organization while staying compliant with regulations

Jason Koestenblatt

May 11, 2023 4 min read

GRC & Security Assurance

Data retention policies should be automated to reduce risk

Tooling can create benefits for the organization while staying compliant with regulations

Jason Koestenblatt

May 11, 2023 4 min read

Ethics Program Management

Building a strategic framework for policy governance

Learn how a "policy on policies" can create effecitve ethics governance and risk management frameworks.

Gbemi Yusuff

May 10, 2023 6 min read

Ethics Program Management

Building a strategic framework for policy governance

Learn how a "policy on policies" can help create a framework for effective ethics policy governance and risk management.

Gbemi Yusuff

May 10, 2023 6 min read

Privacy Management

A privacy professional's guide to navigating responsible AI adoption

Learn how privacy professionals can guide their organizations towards responsible AI adoption by developing a comprehensive AI strategy that integrates privacy considerations, fostering a privacy-focused culture around AI decision-making, and navigating the risks of AI.

May 09, 2023 6 min read

Privacy Management

A privacy professional's guide to navigating responsible AI adoption

Learn how privacy professionals can guide their organizations towards responsible AI adoption by developing a comprehensive AI strategy that integrates privacy considerations, fostering a privacy-focused culture around AI decision-making, and navigating the risks of AI.

May 09, 2023 6 min read

Internal Audit Management

How to reduce audit fatigue: 5 remedies for InfoSec pros

How do you alleviate audit fatigue in your InfoSec team? Here are 5 practical remedies to reduce the stress and workload of frequent security audits

Katrina Dalao

May 08, 2023 8 min read

Internal Audit Management

How to reduce audit fatigue: 5 remedies for InfoSec pros

How do you alleviate audit fatigue in your InfoSec team? Here are 5 practical remedies to reduce the stress and workload of frequent security audits

Katrina Dalao

May 08, 2023 8 min read

Data Discovery & Classification

How automation helps reduce your sensitive data footprint

Establish data retention and minimization policies to reduce your organization’s attack surface

Sam Curcuruto

May 05, 2023 4 min read

Privacy Management

Navigating the NIST AI Risk Management Framework with confidence

The NIST AI Risk Management Framework can help your organization to manage the risks associated with AI. Read the blog to learn how.

Laurence McNally

May 05, 2023 5 min read

Data Discovery & Classification

How automation helps reduce your sensitive data footprint

Establish data retention and minimization policies to reduce your organization’s attack surface

Sam Curcuruto

May 05, 2023 4 min read

Privacy Management

Navigating the NIST AI Risk Management Framework with confidence

The NIST AI Risk Management Framework can help your organization to manage the risks associated with AI. Read the blog to learn how.

Laurence McNally

May 05, 2023 5 min read

Data Discovery & Classification

Expanding our data discovery leadership with machine learning classification tools

Learn how OneTrust Data Discovery uses AI, machine learning, and privacy by design to ensure responsible and compliant data governance.

Sam Curcuruto

May 04, 2023 3 min read

Data Discovery & Classification

Expanding our data discovery leadership with machine learning classification tools

Learn how OneTrust Data Discovery uses AI, machine learning, and privacy by design to ensure responsible and compliant data governance.

Sam Curcuruto

May 04, 2023 3 min read

Privacy & Data Governance

Indiana set to become the 7th state to pass a comprehensive privacy law

The Indiana Consumer Data Protection Act will be set to take effect in 2026.

Alexis Kateifides

May 04, 2023 3 min read

Privacy & Data Governance

Indiana set to become the 7th state to pass a comprehensive privacy law

The Indiana Consumer Data Protection Act will be set to take effect in 2026.

Alexis Kateifides

May 04, 2023 3 min read

Internal Audit Management

What is information security compliance?

What is InfoSec compliance? Learn why compliance is essential for your organization and how it safeguards against cyberthreats.

Katrina Dalao

May 04, 2023 7 min read

Internal Audit Management

What is information security compliance?

What is InfoSec compliance? Learn why compliance is essential for your organization and how it safeguards against cyberthreats.

Katrina Dalao

May 04, 2023 7 min read

Privacy Management

Making privacy and trust a strategic imperative

Privacy has evolved beyond compliance. See what Forrester analyst Enza Iannopollo had to say about making privacy and trust a strategic imperative

Robb Hiscock, featuring Enza Iannopollo

May 03, 2023 7 min read

Privacy Management

Making privacy and trust a strategic imperative

Privacy has evolved beyond compliance. See what Forrester analyst Enza Iannopollo had to say about making privacy and trust a strategic imperative

Robb Hiscock, featuring Enza Iannopollo

May 03, 2023 7 min read

Privacy Management

Tennessee passes Information Protection Act

Discover the impact of the Tennessee Information Protection Act (TIPA), passed on April 21, 2023, as it reshapes the US privacy landscape with new requirements for businesses, including risk assessments, data minimization, and opt-in consent for processing sensitive information, effective July 1, 2025.

Robb Hiscock

April 26, 2023 5 min read

Privacy Management

Tennessee passes Information Protection Act

Discover the impact of the Tennessee Information Protection Act (TIPA), passed on April 21, 2023, as it reshapes the US privacy landscape with new requirements for businesses, including risk assessments, data minimization, and opt-in consent for processing sensitive information, effective July 1, 2025.

Robb Hiscock

April 26, 2023 5 min read

ESG Program Management

What is the EU Carbon Border Adjustment Mechanism (CBAM)?

Learn how your organization can prepare for new regulations around carbon emissions in imported goods 

Chris Fenwick

April 25, 2023 4 min read

ESG Program Management

What is the EU Carbon Border Adjustment Mechanism (CBAM)?

Learn how your organization can prepare for new regulations around carbon emissions in imported goods 

Chris Fenwick

April 25, 2023 4 min read

Consent & Preferences

OneTrust Consent and Preferences now integrates with Tealium IQ

Tealium IQ launched Consent Integrations for their tag management system, enabling seamless privacy-first marketing campaigns

Ashlea Cartee

April 21, 2023 3 min read

Consent & Preferences

OneTrust Consent and Preferences now integrates with Tealium IQ

Tealium IQ launched Consent Integrations for their tag management system, enabling seamless privacy-first marketing campaigns

Ashlea Cartee

April 21, 2023 3 min read

Data Discovery & Security

Preparing for new privacy legislation in Canada: Part one

How Canadian companies should respond to the new Consumer Privacy Protection Act (Bill C-27).

Neil Saddington

April 20, 2023 5 min read

Data Discovery & Security

Preparing for new privacy legislation in Canada: Part one

How Canadian companies should respond to the new Consumer Privacy Protection Act (Bill C-27).

Neil Saddington

April 20, 2023 5 min read

Privacy & Data Governance

Vietnam publishes long-awaited Personal Data Protection Decree

Vietnam has finally published its Personal Data Protection Decree (PDPD). We cover its key points and how business can prepare for compliance.

Robb Hiscock

April 19, 2023 8 min read

Privacy & Data Governance

Vietnam publishes long-awaited Personal Data Protection Decree

Vietnam has finally published its Personal Data Protection Decree (PDPD). We cover its key points and how business can prepare for compliance.

Robb Hiscock

April 19, 2023 8 min read

Third-Party Due Diligence

OneTrust partners with Dow Jones Risk & Compliance for data-driven third-party due diligence

Today, we’re excited to announce the partnership between Dow Jones Risk & Compliance and OneTrust Third-Party Due Diligence.

Kelly Maxwell

April 18, 2023 6 min read

Data Discovery & Classification

5 ways to harness data classification to mitigate data sprawl

We explore the issue of data sprawl and how data classification automation tools can help mitigate it.

Bex Evans

April 18, 2023 6 min read

Third-Party Due Diligence

OneTrust partners with Dow Jones Risk & Compliance for data-driven third-party due diligence

Today, we’re excited to announce the partnership between Dow Jones Risk & Compliance and OneTrust Third-Party Due Diligence.

Kelly Maxwell

April 18, 2023 6 min read

Data Discovery & Classification

5 ways to harness data classification to mitigate data sprawl

We explore the issue of data sprawl and how data classification automation tools can help mitigate it.

Bex Evans

April 18, 2023 6 min read

Privacy & Data Governance

Washington state passes My Health My Data Act

The My Health My Data Act provides stronger privacy protections for consumers in relation to their personal health data.

Alexis Kateifides

April 14, 2023 9 min read

Privacy & Data Governance

Washington state passes My Health My Data Act

The My Health My Data Act provides stronger privacy protections for consumers in relation to their personal health data.

Alexis Kateifides

April 14, 2023 9 min read

Riesgos de terceros

¿Por qué elegir OneTrust para la gestión de terceros?

abril 13, 2023 6 min read

Privacy & Data Governance

Making it easier to responsibly use data with new data discovery capabilities

OneTrust's data discovery capabilities make it easier for businesses to understand and use data responsibly by connecting and classifying existing data.

Ojas Rege

March 20, 2023 4 min read

Consent & Preferences

OneTrust + Adobe = Automated consent orchestration

OneTrust Consent and Preferences integrates with Adobe Experience Platform so businesses can provide personalized experiences and comply with regulations.

Alex Cash

March 20, 2023 3 min read

Consent & Preferences

OneTrust + Adobe = Automated consent orchestration

OneTrust Consent and Preferences integrates with Adobe Experience Platform so businesses can provide personalized experiences and comply with regulations.

Alex Cash

March 20, 2023 3 min read

Privacy & Data Governance

Making it easier to responsibly use data with new data discovery capabilities

OneTrust's data discovery capabilities make it easier for businesses to understand and use data responsibly by connecting and classifying existing data.

Ojas Rege

March 20, 2023 4 min read

Privacy & Data Governance

Governor signs comprehensive privacy bill in Iowa

Governor Reynolds of Iowa signed SF262, An Act Relating To Consumer Data Protection offering a more business-friendly approach to privacy.

Robb Hiscock, Content Marketing Specialist, CIPP/E, CIPM, OneTrust

March 17, 2023 5 min read

Privacy & Data Governance

Governor signs comprehensive privacy bill in Iowa

Governor Reynolds of Iowa signed SF262, An Act Relating To Consumer Data Protection offering a more business-friendly approach to privacy.

Robb Hiscock, Content Marketing Specialist, CIPP/E, CIPM, OneTrust

March 17, 2023 5 min read

Data Discovery & Classification

What is data discovery?

Businesses are dealing with unprecedented amounts of digital information that needs to be monitored, managed, and secured.

Jason Koestenblatt, Team Lead, Content Marketing, OneTrust

March 10, 2023 8 min read

Data Discovery & Classification

What is data discovery?

Businesses are dealing with unprecedented amounts of digital information that needs to be monitored, managed, and secured.

Jason Koestenblatt, Team Lead, Content Marketing, OneTrust

March 10, 2023 8 min read

Consent & Preferences

The ROI of purpose-based consent and preference management

Learn how consent management is essential to build trust and delivering personalized customer experiences by collecting and using data responsibly.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust

March 10, 2023 7 min read

Consent & Preferences

The ROI of purpose-based consent and preference management

Learn how consent management is essential to build trust and delivering personalized customer experiences by collecting and using data responsibly.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust

March 10, 2023 7 min read

Automatización de la privacidad

7 pasos para cumplir la norma ISO 31700-1:2023 (norma sobre privacidad desde el diseño)

La norma ISO 31700 define reglas para tratar información personal de los consumidores y abordar su privacidad durante el ciclo de vida del producto.

marzo 10, 2023 6 min read

Third-Party Risk

How to manage third-party risk across your entire business

Businesses need a comprehensive third-party management strategy covering all aspects of their relationships with third parties, such as security, privacy, ethics, and ESG.

March 08, 2023 7 min read

Privacy & Data Governance

UK Data Protection and Digital Information Bill re-introduced to Parliament

The UK Data Protection and Digital Information Bill  aims to reduce the administrative burden on businesses, promote international trade and reduce consent notices.

Robb Hiscock

March 08, 2023 5 min read

ESG & Sustainability

The ultimate guide to board diversity and skills requirements

ESG governance is becoming increasingly important as companies face pressure from stakeholders to address environmental, social, and governance issues.

Chris Fenwick

March 08, 2023 23 min read

Third-Party Risk

How to manage third-party risk across your entire business

Businesses need a comprehensive third-party management strategy covering all aspects of their relationships with third parties, such as security, privacy, ethics, and ESG.

March 08, 2023 7 min read

Privacy & Data Governance

UK Data Protection and Digital Information Bill re-introduced to Parliament

The UK Data Protection and Digital Information Bill  aims to reduce the administrative burden on businesses, promote international trade and reduce consent notices.

Robb Hiscock

March 08, 2023 5 min read

ESG & Sustainability

The ultimate guide to board diversity and skills requirements

ESG governance is becoming increasingly important as companies face pressure from stakeholders to address environmental, social, and governance issues.

Chris Fenwick

March 08, 2023 23 min read

Third-Party Risk

Why data privacy and third-party risk teams need to work together

Sharing information and resources across organizational silos is mutually beneficial for teams with the common goal of mitigating data privacy risk.

Scott Solomon

March 07, 2023 6 min read

GRC & Security Assurance

How to manage privacy and security compliance? 6 questions with GRC experts

Our GRC experts discuss how privacy and security compliance are evolving to meet modern market demands and ushering in a whole new era of automation.

Katrina Dalao, Sr. Content Marketing Specialist, OneTrust

March 07, 2023 8 min read

GRC & Security Assurance

How to manage privacy and security compliance? 6 questions with GRC experts

Our GRC experts discuss how privacy and security compliance are evolving to meet modern market demands and ushering in a whole new era of automation.

Katrina Dalao, Sr. Content Marketing Specialist, OneTrust

March 07, 2023 8 min read

Third-Party Risk

Why data privacy and third-party risk teams need to work together

Sharing information and resources across organizational silos is mutually beneficial for teams with the common goal of mitigating data privacy risk.

Scott Solomon

March 07, 2023 6 min read

GRC & Security Assurance

Understanding IT security frameworks: Types and examples

Security frameworks are roadmaps for developing and implementing effective security programs that protect organizations from threats and vulnerabilities.

Katrina Dalao

March 06, 2023 11 min read

GRC & Security Assurance

Understanding IT security frameworks: Types and examples

Security frameworks are roadmaps for developing and implementing effective security programs that protect organizations from threats and vulnerabilities.

Katrina Dalao

March 06, 2023 11 min read

GRC & Security Assurance

5 ways leaders are automating their GRC programs in 2023

Learn five top functional categories GRC professionals and leaders identify as priorities for creating a mature and meaningful automation strategy.

March 02, 2023 4 min read

Ethics & Compliance

Speak-up culture 101: Why speak-up culture matters and how to build yours

Learn how to build, measure, and grow your speak-up program to foster trust, shared responsibility, and the highest standards of ethical conduct.

Gbemi Yusuff

March 02, 2023 9 min read

GRC & Security Assurance

5 ways leaders are automating their GRC programs in 2023

Learn five top functional categories GRC professionals and leaders identify as priorities for creating a mature and meaningful automation strategy.

March 02, 2023 4 min read

Ethics & Compliance

Speak-up culture 101: Why speak-up culture matters and how to build yours

Learn how to build, measure, and grow your speak-up program to foster trust, shared responsibility, and the highest standards of ethical conduct.

Gbemi Yusuff

March 02, 2023 9 min read

Privacy & Data Governance

How to approach the ICO’s “Privacy in the product design lifecycle”

Learn more about the ICO's "Privacy in the product design lifecycle" guidance and how you can implement Privacy by Design (PbD) in your organization.

Robb Hiscock

March 01, 2023 11 min read

Privacy & Data Governance

How to approach the ICO’s “Privacy in the product design lifecycle”

Learn more about the ICO's "Privacy in the product design lifecycle" guidance and how you can implement Privacy by Design (PbD) in your organization.

Robb Hiscock

March 01, 2023 11 min read

GRC & Security Assurance

10 GRC trends: What’s next for governance, risk, and compliance?

Cybersecurity, third-party risk, and other policies fall under the GRC domain. Here are the top 10 emerging drivers and trends shaping security compliance.

Katrina Dalao

February 23, 2023 5 min read

Privacy & Data Governance

Global Privacy Platform (GPP): What this means for ad tech and US privacy laws

IAB Tech Lab, the digital advertising technical standards-setting body, recently announced the launch of its Global Privacy Platform (GPP).

Ashlea Cartee

February 23, 2023 4 min read

GRC & Security Assurance

10 GRC trends: What’s next for governance, risk, and compliance?

Cybersecurity, third-party risk, and other policies fall under the GRC domain. Here are the top 10 emerging drivers and trends shaping security compliance.

Katrina Dalao

February 23, 2023 5 min read

Privacy & Data Governance

Global Privacy Platform (GPP): What this means for ad tech and US privacy laws

IAB Tech Lab, the digital advertising technical standards-setting body, recently announced the launch of its Global Privacy Platform (GPP).

Ashlea Cartee

February 23, 2023 4 min read

Privacy & Data Governance

3 priorities for the French DPO: 1. Gain visibility

DPOs must have visibility into what teams are doing and work closely with the CISO to help direct organizational processes toward data protection and security.

Noshin Khan

February 22, 2023 9 min read

Privacy & Data Governance

3 priorities for the French DPO: 1. Gain visibility

DPOs must have visibility into what teams are doing and work closely with the CISO to help direct organizational processes toward data protection and security.

Noshin Khan

February 22, 2023 9 min read

Trust Intelligence

OneTrust kicks off new year with strong momentum, building on successes from 2022

In 2023, we are focused on continuing to innovate across this platform, focusing on the core areas of privacy, security, ethics, compliance, and ESG. 

February 20, 2023 5 min read

Ethics Program Management

Speak-up culture toolkit: Policy management

Learn how effective policy management drives employee engagement and strengthens your company speak-up culture.

Noshin Kahn

February 20, 2023 7 min read

Trust Intelligence

OneTrust kicks off new year with strong momentum, building on successes from 2022

In 2023, we are focused on continuing to innovate across this platform, focusing on the core areas of privacy, security, ethics, compliance, and ESG. 

February 20, 2023 5 min read

Ethics Program Management

Speak-up culture toolkit: Policy management

Learn how effective policy management drives employee engagement and strengthens your company speak-up culture.

Noshin Kahn

February 20, 2023 7 min read

GRC & Security Assurance

OneTrust introduces Certification Automation

OneTrust Certification Automation facilitates the compliance and audit process to help you achieve security certifications in half the time. 

Katrina Dalao

February 16, 2023 3 min read

GRC & Security Assurance

OneTrust introduces Certification Automation

OneTrust Certification Automation facilitates the compliance and audit process to help you achieve security certifications in half the time. 

Katrina Dalao

February 16, 2023 3 min read

Third-Party Risk

Supply Wisdom risk intelligence is now available in OneTrust’s Third-Party Risk Exchange

The partnership with Supply Wisdom brings compliance, financial, location-based ESG, and cyber risk data to Exchange customers and their third parties.

Chet Devchand, Director, Business Development Management

February 14, 2023 3 min read

Third-Party Risk

Supply Wisdom risk intelligence is now available in OneTrust’s Third-Party Risk Exchange

The partnership with Supply Wisdom brings compliance, financial, location-based ESG, and cyber risk data to Exchange customers and their third parties.

Chet Devchand, Director, Business Development Management

February 14, 2023 3 min read

Third-Party Due Diligence

Speak-up culture toolkit: Inviting third parties to contribute

Creating a strong, healthy speak-up culture requires you to empower all participants, including third parties, to raise issues related to ethics and compliance.

Gbemi Yusuff

February 13, 2023 6 min read

Third-Party Due Diligence

Speak-up culture toolkit: Inviting third parties to contribute

Creating a strong, healthy speak-up culture requires you to empower all participants, including third parties, to raise issues related to ethics and compliance.

Gbemi Yusuff

February 13, 2023 6 min read

GRC & Security Assurance

7 steps to comply with ISO 31700-1:2023 (standard on Privacy by Design)

This standard looks to define clear rules for organizations around how consumers’ personal information is processed and how consumer privacy is addressed throughout the product lifecycle

Linda Thielova

February 10, 2023 7 min read

GRC & Security Assurance

7 steps to comply with ISO 31700-1:2023 (standard on Privacy by Design)

This standard looks to define clear rules for organizations around how consumers’ personal information is processed and how consumer privacy is addressed throughout the product lifecycle

Linda Thielova

February 10, 2023 7 min read

ESG & Sustainability

The EU Taxonomy: What you need to know

With two objectives of the EU Taxonomy in effect, make sure your organization is on top of compliance with new ESG reporting requirements.

Chris Fenwick, OneTrust Head of ESG Center of Excellence

February 09, 2023 6 min read

ESG & Sustainability

The EU Taxonomy: What you need to know

With two objectives of the EU Taxonomy in effect, make sure your organization is on top of compliance with new ESG reporting requirements.

Chris Fenwick, OneTrust Head of ESG Center of Excellence

February 09, 2023 6 min read

Privacy & Data Governance

What California’s CCPA investigative sweep means for your mobile applications

The California Attorney General declared an investigative sweep of mobile apps that don't comply with certain CCPA opt-out and consumer request provisions.

Alex Cash

February 01, 2023 5 min read

Privacy & Data Governance

What California’s CCPA investigative sweep means for your mobile applications

The California Attorney General declared an investigative sweep of mobile apps that don't comply with certain CCPA opt-out and consumer request provisions.

Alex Cash

February 01, 2023 5 min read

Consent & Preferences

The ultimate guide to US opt-out requirements

Five new US state privacy laws mean five new sets of opt-out requirements. Learn how to make sure your organization maintains compliance in 2023.

Ashlea Cartee

January 31, 2023 10 min read

Consent & Preferences

The ultimate guide to US opt-out requirements

Five new US state privacy laws mean five new sets of opt-out requirements. Learn how to make sure your organization maintains compliance in 2023.

Ashlea Cartee

January 31, 2023 10 min read

ESG & Sustainability

ESG reporting 101: Guide to ESG standards and sustainability frameworks

As norms and standards continue to evolve, you should be prepared to respond with your own ESG reporting strategy and management.

Julie Yamamoto

January 30, 2023 23 min read

ESG & Sustainability

ESG reporting 101: Guide to ESG standards and sustainability frameworks

As norms and standards continue to evolve, you should be prepared to respond with your own ESG reporting strategy and management.

Julie Yamamoto

January 30, 2023 23 min read

Privacy & Data Governance

Colorado AG releases third version of draft CPA regulations

The latest version of the draft Colorado Privacy Act regulations is based on the outcome of the public consultation held between October 2022 and January 2023.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 30, 2023 13 min read

Privacy & Data Governance

Colorado AG releases third version of draft CPA regulations

The latest version of the draft Colorado Privacy Act regulations is based on the outcome of the public consultation held between October 2022 and January 2023.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 30, 2023 13 min read

Privacy & Data Governance

Your guide to celebrating Data Privacy Day 2023

Data Privacy Day 2023 is a great chance to raise awareness of privacy and data protection issues from around the world and your organization.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 25, 2023 7 min read

Privacy & Data Governance

Your guide to celebrating Data Privacy Day 2023

Data Privacy Day 2023 is a great chance to raise awareness of privacy and data protection issues from around the world and your organization.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 25, 2023 7 min read

ESG & Sustainability

Ultimate guide to the EU CSRD ESG regulation for businesses

This guide provides everything your business needs to know about the upcoming EU ESG regulation - the Corporate Sustainability Reporting Directive (CSRD).

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

January 20, 2023 16 min read

ESG & Sustainability

Ultimate guide to the EU CSRD ESG regulation for businesses

This guide provides everything your business needs to know about the upcoming EU ESG regulation - the Corporate Sustainability Reporting Directive (CSRD).

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

January 20, 2023 16 min read

Ethics & Compliance

Speak-up culture toolkit: Leveraging disclosure data to drive a speak-up culture

Healthy disclosure rates are an indicator of a strong speak-up culture. Discover how to improve disclosure participation and engagement.

Noshin Khan

January 17, 2023 4 min read

Ethics & Compliance

Speak-up culture toolkit: Leveraging disclosure data to drive a speak-up culture

Healthy disclosure rates are an indicator of a strong speak-up culture. Discover how to improve disclosure participation and engagement.

Noshin Khan

January 17, 2023 4 min read

Privacy & Data Governance

Addressing UK app Code of Practice requirements with OneTrust

OneTrust has developed an Android SDK scanner to comply with Google Play Data safety while supporting the new UK app Code of Practice.

Julian Evans

January 13, 2023 6 min read

Privacy & Data Governance

Addressing UK app Code of Practice requirements with OneTrust

OneTrust has developed an Android SDK scanner to comply with Google Play Data safety while supporting the new UK app Code of Practice.

Julian Evans

January 13, 2023 6 min read

Privacy & Data Governance

Belgian DPA approves action plan for IAB Europe’s TCF

After violating the GDPR, the Belgian DPA approved an action plan to bring the processing of personal data within the IAB TCF into compliance with the GDPR.

Alex Cash, Director of Strategy, Consent & Preferences | CIPP/E, CIPM

January 12, 2023 7 min read

Privacy & Data Governance

Belgian DPA approves action plan for IAB Europe’s TCF

After violating the GDPR, the Belgian DPA approved an action plan to bring the processing of personal data within the IAB TCF into compliance with the GDPR.

Alex Cash, Director of Strategy, Consent & Preferences | CIPP/E, CIPM

January 12, 2023 7 min read

Ethics & Compliance

Continuous improvement: The leading indicator for successful compliance programs

Continuous improvement is a method of operationalizing improvement to processes, products, or other aspects of a business through a cycle of repeatable steps.

Gbemi Yusuff

January 11, 2023 6 min read

Ethics & Compliance

Continuous improvement: The leading indicator for successful compliance programs

Continuous improvement is a method of operationalizing improvement to processes, products, or other aspects of a business through a cycle of repeatable steps.

Gbemi Yusuff

January 11, 2023 6 min read

Third-Party Risk

Build trust, promote your program in the Third-Party Risk Exchange

The Third-Party Risk Exchange allows businesses to learn more about each other's security posture, offer SIG Lite assessments on-demand, and more.

Pranav Menem

January 10, 2023 3 min read

Third-Party Risk

Build trust, promote your program in the Third-Party Risk Exchange

The Third-Party Risk Exchange allows businesses to learn more about each other's security posture, offer SIG Lite assessments on-demand, and more.

Pranav Menem

January 10, 2023 3 min read

Consent & Preferences

Consent management by the numbers: 2022 DMA report summary

We partnered with the Data & Marketing Association (DMA) (UK) to research how marketers manage their data and the value they realize using CMP systems.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust Consent and Preferences

January 09, 2023 4 min read

Trust Intelligence

Building trust in a zero trust world

OneTrust CEO Kabir Barday recently participated in a panel discussion with Deloitte at CES, discussing how to build digital trust to drive business performance.

Kabir Barday CEO, OneTrust

January 09, 2023 4 min read

Privacy & Data Governance

Navigating the California Privacy Rights Act as a HIPAA-compliant business

CPRA’s health information exemption is not a blanket entity exemption, meaning HIPAA-compliant organizations may still need to consider its requirements.

Bex Evans, Senior Product Marketing Manager | CIPP/E, CIPM

January 09, 2023 5 min read

Consent & Preferences

Consent management by the numbers: 2022 DMA report summary

We partnered with the Data & Marketing Association (DMA) (UK) to research how marketers manage their data and the value they realize using CMP systems.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust Consent and Preferences

January 09, 2023 4 min read

Trust Intelligence

Building trust in a zero trust world

OneTrust CEO Kabir Barday recently participated in a panel discussion with Deloitte at CES, discussing how to build digital trust to drive business performance.

Kabir Barday CEO, OneTrust

January 09, 2023 4 min read

Privacy & Data Governance

Navigating the California Privacy Rights Act as a HIPAA-compliant business

CPRA’s health information exemption is not a blanket entity exemption, meaning HIPAA-compliant organizations may still need to consider its requirements.

Bex Evans, Senior Product Marketing Manager | CIPP/E, CIPM

January 09, 2023 5 min read

ESG & Sustainability

EFRAG approved the European Sustainability Reporting Standards

EFRAG has released first draft European sustainability reporting standards as part of the EU Corporate Sustainability Reporting Directive.

Chris Fenwick

January 06, 2023 8 min read

Privacy & Data Governance

US state privacy bills on the horizon in 2023

Stay up to date with the latest news in US state privacy law, with bill highlights, legislation status, and resources to help your organization stay compliant.

Param Gopalasamy

January 06, 2023 4 min read

ESG & Sustainability

EFRAG approved the European Sustainability Reporting Standards

EFRAG has released first draft European sustainability reporting standards as part of the EU Corporate Sustainability Reporting Directive.

Chris Fenwick

January 06, 2023 8 min read

Privacy & Data Governance

US state privacy bills on the horizon in 2023

Stay up to date with the latest news in US state privacy law, with bill highlights, legislation status, and resources to help your organization stay compliant.

Param Gopalasamy

January 06, 2023 4 min read

Speak-Up Program Management

Speak-up culture toolkit: Helpline and case management

Everyone wins when you shine a light on your ethics and compliance helpline and build a speak-up culture that reflects your organization's values.

Kelly Maxwell, Content Marketing Specialist

January 05, 2023 6 min read

Speak-Up Program Management

Speak-up culture toolkit: Helpline and case management

Everyone wins when you shine a light on your ethics and compliance helpline and build a speak-up culture that reflects your organization's values.

Kelly Maxwell, Content Marketing Specialist

January 05, 2023 6 min read

Consent & Preferences

3 steps to stay compliant while using consent-driven targeted marketing

Learn how your organization can utilize targeted ads while still being compliant by following these three steps to ensure you prioritize your user's privacy.

Alex Cash

January 04, 2023 4 min read

Third-Party Risk

As third-party needs sprawl, so do risk management investments

From a new focus on ESG to a renewed need for cybersecurity, third-party and vendor risk management solutions have become a priority for organizations.

Jason Koestenblatt

January 04, 2023 3 min read

Consent & Preferences

3 steps to stay compliant while using consent-driven targeted marketing

Learn how your organization can utilize targeted ads while still being compliant by following these three steps to ensure you prioritize your user's privacy.

Alex Cash

January 04, 2023 4 min read

Third-Party Risk

As third-party needs sprawl, so do risk management investments

From a new focus on ESG to a renewed need for cybersecurity, third-party and vendor risk management solutions have become a priority for organizations.

Jason Koestenblatt

January 04, 2023 3 min read

Privacy Automation

The dos and don’ts of CPRA privacy rights requests 

The CPRA has new consumer rights for California residents and employees, meaning new obligations and rights requests are coming your organization's way.

Robb Hiscock

January 03, 2023 7 min read

Privacy Automation

The dos and don’ts of CPRA privacy rights requests 

The CPRA has new consumer rights for California residents and employees, meaning new obligations and rights requests are coming your organization's way.

Robb Hiscock

January 03, 2023 7 min read

Data Discovery & Security

How OneTrust helps reduce your sensitive data footprint

More data, more costs, more risk. More value? That’s up to how your organization makes use of data retention and minimization principles.

Rebecca Evans

December 23, 2022 4 min read

Data Discovery & Security

How OneTrust helps reduce your sensitive data footprint

More data, more costs, more risk. More value? That’s up to how your organization makes use of data retention and minimization principles.

Rebecca Evans

December 23, 2022 4 min read

Privacy & Data Governance

Conducting PIA, DPIA, and TIA to inform notices

Privacy Impact Assessments, Data Protection Impact Assessments, and Transfer Impact Assessments are vary greatly in terms of what, why, and when.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

December 21, 2022 9 min read

Privacy & Data Governance

Conducting PIA, DPIA, and TIA to inform notices

Privacy Impact Assessments, Data Protection Impact Assessments, and Transfer Impact Assessments are vary greatly in terms of what, why, and when.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

December 21, 2022 9 min read

Ethics & Compliance

The ultimate guide to complying with the EU Whistleblower Directive

Due to the Directive, your whistleblower hotline, retaliation policies, and compliance program may require a revamp, even if your employees are not in the EU.

December 19, 2022 15 min read

Ethics & Compliance

The ultimate guide to complying with the EU Whistleblower Directive

What you need to know to revamp your policies and remain compliant

December 19, 2022 15 min read

ESG & Sustainability

CSRD: EU ESG disclosure rule is approved

The European Parliament and Council adopted the CSRD to make businesses more publicly accountable for their societal and environmental impacts.

Alexis Kateifides, Senior Counsel, OneTrust Centers of Excellence

December 18, 2022 6 min read

ESG & Sustainability

CSRD: EU ESG disclosure rule is approved

The European Parliament and Council adopted the CSRD to make businesses more publicly accountable for their societal and environmental impacts.

Alexis Kateifides, Senior Counsel, OneTrust Centers of Excellence

December 18, 2022 6 min read

Privacy & Data Governance

CCPA toll-free number requirement

The California Privacy Rights Act (CPRA) follows up the CCPA with new and expanded rights, retaining the toll-free number requirement.

Param Gopalasamy, CIPP/E, CIPM

December 15, 2022 4 min read

Privacy & Data Governance

CCPA toll-free number requirement

The California Privacy Rights Act (CPRA) follows up the CCPA with new and expanded rights, retaining the toll-free number requirement.

Param Gopalasamy, CIPP/E, CIPM

December 15, 2022 4 min read

Ethics & Compliance

Maximizing your compliance budget in 2023

If your team receive cuts, follow these recommendations to prioritize resources for critical activities, do more with less, and continue to achieve key outcomes.

December 14, 2022 6 min read

Ethics & Compliance

Maximizing your compliance budget in 2023

If your team receive cuts, follow these recommendations to prioritize resources for critical activities, do more with less, and continue to achieve key outcomes.

December 14, 2022 6 min read

ESG & Sustainability

Ultimate guide to ESG sustainability

As global organizations begin to adopt key ESG principles, it's critical to pivot your business strategy to address sustainability.

Julie Yamamoto

December 13, 2022 35 min read

ESG & Sustainability

Ultimate guide to ESG sustainability

As global organizations begin to adopt key ESG principles, it's critical to pivot your business strategy to address sustainability.

Julie Yamamoto

December 13, 2022 35 min read

Privacy & Data Governance

The ultimate guide to US privacy

Our guide will help you better understand the five state privacy laws and how they will define the US privacy landscape in lieu of a federal privacy framework.

Robb Hiscock

December 09, 2022 22 min read

Privacy & Data Governance

The ultimate guide to US privacy

Our guide will help you better understand the five state privacy laws and how they will define the US privacy landscape in lieu of a federal privacy framework.

Robb Hiscock

December 09, 2022 22 min read

Third-Party Due Diligence

Best practices for conducting third-party due diligence for ethics and compliance

A well-designed compliance program should apply risk-based due diligence and have a process for the full lifecycle of third-party risk management

Kelly Maxwell

December 08, 2022 9 min read

Third-Party Due Diligence

Best practices for conducting third-party due diligence for ethics and compliance

A well-designed compliance program should apply risk-based due diligence and have a process for the full lifecycle of third-party risk management

Kelly Maxwell

December 08, 2022 9 min read

ESG & Sustainability

3 key takeaways from COP27

Learn three key takeaways from COP27, which includes reinforcing the growing demand for true and accurate reporting on climate risks for investors.

Chris Fenwick

December 06, 2022 8 min read

ESG & Sustainability

3 key takeaways from COP27

Learn three key takeaways from COP27, which includes reinforcing the growing demand for true and accurate reporting on climate risks for investors.

Chris Fenwick

December 06, 2022 8 min read

Trust Intelligence

Trending toward trust: What organizations need to watch in 2023

Trending Toward Trust is the new 2023 report from OneTrust, highlighting some of the most significant trends that will shape trust in organizations.

Robb Hiscock

December 05, 2022 4 min read

Trust Intelligence

Trending toward trust: What organizations need to watch in 2023

Trending Toward Trust is the new 2023 report from OneTrust, highlighting some of the most significant trends that will shape trust in organizations.

Robb Hiscock

December 05, 2022 4 min read

Third-Party Risk

Ironclad, OneTrust partner to streamline and secure third-party procurement processes

To help organizations take a holistic approach to the third-party contracting and risk management process, OneTrust has partnered with Ironclad.

Chet Devchand

November 30, 2022 4 min read

Third-Party Risk

Ironclad, OneTrust partner to streamline and secure third-party procurement processes

To help organizations take a holistic approach to the third-party contracting and risk management process, OneTrust has partnered with Ironclad.

Chet Devchand

November 30, 2022 4 min read

Privacy & Data Governance

Navigating the CPRA as a GLBA-compliant business

The California legislature amended the CCPA , recognizing the conflict between the CCPA and sectoral frameworks such as the Gramm-Leach-Bliley Act.

Robb Hiscock

November 29, 2022 5 min read