Skip to main content

On-demand webinar coming soon...

Blog

The ultimate guide to privacy management

May 21, 2021

Green gradient background

What is privacy management?

Today, your business must maintain compliance with a bevy of local and international legislation aimed at protecting individual data rights. The processes and activities supporting this are grouped into a discipline experts call privacy management.

As the privacy landscape has evolved, so have the key areas to include in a privacy management program. Because this area is so important for businesses that want to increase their clout with customers and protect themselves legally, it’s important to understand the major factors that contribute to a healthy privacy management program.

This Ultimate Guide to Privacy Management does just that. You’ll learn what areas to address, why they’re important, and how to implement specific tactics to support them.

Download The Ultimate Guide to Privacy Management eBook

Lawfulness, fairness, and nondiscrimination

A foundational standard for privacy management is being able to prove through records that you have a legal reason for collecting and processing personal data. This is called legal basis and it’s at the forefront of widely-followed privacy legislation, including the GDPR and LGPD.

To achieve legal basis, you must be following at least one of six parameters:

  1. Performance of a contract: You’re processing data in order to sign or make good on the terms of a contract.
  2. Compliance with a legal obligation: You’re processing data for legal purposes, e.g. verifying a new employee’s application and background information.
  3. Protection of vital interests (safety) of individuals: You’re processing data to help someone in an emergency situation, most likely a medical one.
  4. Performance of a task carried out in the public interest: You’re processing data as a government organization, or as someone who supports one.
  5. Legitimate interests: You’re processing data without users giving consent for a reason you deem valuable to those users. Complete a Legitimate Interests Assessment (LIA) to demonstrate you’re qualified to use this reason as a legal basis.
  6. Consent: You’re processing data because users have given you explicit consent to do so. To use this as a legal basis, make sure data collection follows the rules: It must be freely given, specific, informed, and unambiguous.

In addition to legal basis, there are four other qualifiers to follow when it comes to lawfulness, fairness, and nondiscrimination.

  1. Fairness: Personal data must be processed at the most conservative level of fairness. An example is to make sure privacy settings are easy to access and understand — and they’re set to the most protective by default.
  2. Protection of minors: Make sure the mechanics and processes are in place to protect the data of minors. One example encouraged by some privacy laws is gaining parental consent beforehand.
  3. Processing of sensitive data: Set up measures and appropriate levels of special treatment to process sensitive data safely such as racial or ethnic origin, health information, and religious affiliation properly.
  4. Nondiscrimination: You can’t discriminate against users based on their privacy preferences.
     

Transparency and free access

A modern privacy management program shouldn’t hide anything from its users. Not only is the opposite required by countless privacy laws, but it’s just good business. The most visible way you can create transparency is through a privacy policy.

A privacy policy should live permanently on your website for easy access by visitors. But it should also be stored and accessible by your employees on an intranet or cloud-based system. Create support materials to help your team more efficiently enact the privacy policy:

  • Write procedures and playbooks for training and reference.
  • Document activity and perform audits to ensure internal compliance.
  • Assign a person and/or department responsibility for record-keeping and communicating policy changes.

The submission process for a user to submit individual feedback about a status change to their feedback should also be a part of your privacy policy.

Finally, enable free access — freely providing information about the form and duration of your data processing and integrity. This should be done by showing users a message at the time when you’re collecting their data: What information you’re collecting, using, storing, and transferring.

Download The Ultimate Guide to Privacy Management eBook

Purpose specification, use limitation, and suitability

It’s not enough you provide a good reason for and valid means of collecting personal data. Privacy management requires purpose specification: You use the data you collect — only and precisely — in the ways you said you would.

To ensure you follow this:

  • Document the purpose of collecting data before you start doing it.
  • Don’t collect data to have on hand in case you need it in the future. Only collect it to use for specified purpose(s).

In addition, you shouldn’t do more with the data than you said you would. Use limitation holds you accountable not to share data between departments, to minimize exposure to hackers, and to establish secure ID authentication, among other best practices.

You’re also obligated to comply with use suitability. You can’t color outside the lines of what you told data subjects about the processing of their data.

Data minimization, storage limitation, and accuracy

A privacy management program shouldn’t just focus on the preparation for and collection of personal data. You must also ensure once you collect data, it’s stored and maintained securely. The integrity of a person’s information must stay intact throughout its lifecycle with your company.

Data minimization is the practice of ensuring personal data processing is adequate, relevant, and limited to only what’s necessary. Implement data minimization by:

  • Setting up a user interface (UI) that can distinguish between optional and required form fields.
  • Using defined fields in a form instead of open text fields.
  • Verifying data for adequacy and relevance to a specific purpose, prior to processing.
  • Only collecting data needed to achieve a specific purpose.
  • Limiting data transferred to what’s minimally necessary.

You also have to follow storage limitation best practices. Personal data must be kept in a way so when it’s no longer necessary to store for your purposes, you can easily delete it. Regularly review your data inventory. Set up triggers to delete data. And erase personal data immediately and securely when users deactivate or delete their accounts.

To keep the personal data you store accurate and updated, set up auditing processes dedicated to this task. Any temporary files created when storing Personal Identifiable Information (PII) must be completely and safely disposed of.

Management system

Executing a long-term privacy management program starts with understanding the legal context behind everything you do. Across the world, governments are releasing privacy legislation. You must be knowledgeable about these legal, regulatory, and contractual requirements in order to implement them.

Start with inventory and mapping. Carefully examine your stored data and how it’s handled. This includes processing activities, data actions, data elements, category of individuals, and data environment.

Doing this will help you understand what privacy framework to follow  — such as the NIST Privacy Framework — and how to manage the associated privacy risks. Managing these risks is important. Create reporting functions and privacy controls to keep tabs on them.

Document everything:

  • The internal and external factors that are — or have the potential to — affect your company’s privacy.
  • The needs and expectations of the interested parties.
  • The scope your privacy program needs to cover.

A trusted and capable privacy management platform is critical to success in this area. Onboard a formal and documented privacy and/or security system committed to continuous auditing and improvement.

Security

Privacy and security are different, but related, disciplines. They rely on each other in order to function effectively. For your privacy management program to succeed, make sure you’re following security best practices:

  • Keep records of the media that contain personal data.
  • Protect any biometric data by storing it outside personal data information systems and inside physical data storage media.
  • Appoint an Information Security Officer (ISO).
  • Conduct penetration tests and vulnerability assessments of information systems.
  • Limit user access privileges on a need-to-know basis.
  • Use multi-factor authentication and encryption to block unauthorized access to data.
  • Install firewalls, system patches, malware, and virus protection software.
  • Implement technical and organizational measures to ensure the continuous integrity, availability and resilience of processing systems, services and data.

Security is vital to the health of your privacy management program. You must get it right. As a way to double check your security processes and controls, you can go through this checklist of questions:

  • When selecting your security controls, did you review legal and regulatory factors?
  • When selecting your security controls, did you review contractual factors?
  • When selecting your security controls, did you review business factors?
  • Would you say that your organization has appropriate security controls in place equal to the risk and sensitivity of the data it processes?
     

Accountability and recordkeeping

Accountability plays a major role in privacy management. You need to follow stringent practices about collecting, storing, and using data. But you also need to be able to prove it if a regulator were to ask for it.

Records of processing is the first way to establish accountability. Keep detailed records of your organization’s processing activities, data flows, and categories of data subjects. If you don’t have one, create a data map:

  • Integrated inventories of personal data
  • Processing activities
  • Information assets
  • Records of third-party disclosures

In addition, consult with your B2B customers before making any legally-binding personal data disclosures to third parties.

You also must have a way to prove you’re registered with the appropriate public authorities for processing activities or to gain approval for certain processing activities. And you have to show exactly who’s completing the activity — for external and internal purposes.

For external verification, you’ll need to determine who’s in charge of the processing of personal data when there’s a joint data controllerSubcontractors also represent an external body that needs to be authorized by customers to process data.

Ongoing and accurate record-keeping is the only way to be ready with sufficient evidence if you’re ever called to account. An amalgam of automated and manual internal reporting and audit mechanisms is essential. Monitor for new laws and regulations in order to update your policies and procedures.

Ensure you have open lines of communication between the privacy office and other departments within the organization.

DPO & privacy by design

Because privacy management is such an important part of a modern organization — and it’s such a massive undertaking to implement well — experts recommend assigning dedicated leadership roles committed to seeing it through.

Data Protection Officer (DPO) is the team member responsible for privacy and data protection. The company should give this individual authority, means, and resources to launch and maintain a privacy program. In addition, the executive team needs to fully support the initiatives and programs this role sets forth.

One of the main tasks of the DPO is to consistently create and maintain team-wide channels of communication about privacy policies and procedures. Privacy champions from each department act as liaisons between the DPO and their specific teams:

  • Information security
  • Internal audit
  • HR
  • Vendor management
  • Communications
  • Business executives
  • Product development
  • Analytics
  • Marketing

The other main task of the DPO is to create strategies — and make sure they’re executed properly — when it comes to the seven principles of Privacy by Design. These principles are:

Privacy impact assessments

Some privacy laws require privacy impact assessments (PIAs): You’re responsible for  identifying risks associated with processing activities. Other privacy standards require PIAs to include different content. General must-haves include:

  • The information to be collected (nature and source)
  • Why the information is being collected
  • The intended use of the information
  • With whom the information will be shared

The result of creating a PIA is to understand risk. A risk treatment plan can help you assess and document the results of your PIAs. From these, you’ll better understand how to take action to decrease the risks you’ve identified.

If you’ve discovered high residual risks, it’s in your best interest to seek advice and approval from data protection authorities before continuing to process data. Some privacy laws even require it. When it comes to protecting personal data, it’s always better to be safe than sorry.

Data subject rights

Providing data rights to users is at the center of almost every international piece of privacy legislation. In other words, you must have a process and support mechanisms in place to address requests from individuals about their data.

It starts with a clear and conspicuous notice to data subjects telling them what rights they have and how to exercise them. There must be an easy way for them to submit requests. And your team should be prepared to handle them. Internal policies, procedures, and training on how to handle data subject requests are a must.

Data subjects rights fall into 10 areas:

  • Right to be informed
  • Right to withdraw or modify
  • Right of access
  • Right to rectification
  • Right to be forgotten/erasure
  • Right to restriction
  • Right to security freeze
  • Right to data portability
  • Right to object
  • Right to opt out of sale of data

If your company automates some decisions about user data, you have to provide a way for users to request a manual review of those automations. Likewise, any changes to a user’s data made via a data subjects rights request has to also be changed by any third parties with whom it’s shared.

Create open lines of communication to inform these entities about modification, withdrawal, or objection about personal data.

Vendor management

It’s not uncommon for companies to outsource to third parties for a variety of services. If you use vendors, though, it’s your responsibility to ensure they’re following your privacy management policies. You’ll have to establish processes and supporting technology to dot your i’s and cross your t’s.

Contracts are key to effective vendor management. They should closely reflect your own privacy standards. A compliance checklist can help here. It provides a rundown of general privacy must-haves — such as a vendor privacy impact assessment — married with policies unique to your organization. You must tick off every box on this checklist in order to onboard a new vendor.

Vendor assessments are essential to monitor ongoing compliance. Double check all your processes to ensure they sufficiently cover technical and organizational measures — and that vendors are following them.

Cross-border data transfer and data localization

Whether you receive or send personal data outside the country in which you do business, privacy management requires you to track that activity. These cross-border data transfers have to be completed via lawful mechanisms such as binding corporate rules (BRC), standard contractual clauses, or consent of the data subject.

It’s important to understand the Schrems II Decision shut down the long-standing Privacy Shield EU-US personal data transfer mechanism. And although SCCs are allowed as a data transfer mechanism, they are only accepted on a case-by-case basis.

In addition to the responsibility of cross-border data transfers, some laws state personal data of citizens or residents of the geographic location addressed by the law be processed or stored within a specific country. Adhere closely to these data localization requirements.

Incident and breach

You never want to face the situation when the personal data you store is compromised. Part of privacy management is preparing thoroughly for incidents and breaches in case they do happen.

  • Establish reporting procedures to quickly and completely track incidents or weaknesses as soon as they’re detected.
  • Document steps for finding out exactly what caused the event.
  • Identify, collect, and preserve the information related to the incident and keep it as evidence.
  • Create a checklist of remedial measures for correcting the effects of the incident.

Many privacy regulations require organizations to track incidents and breaches. You should make this a best practice to cover yourself legally.

Training your team on incident response processes and procedures will help them feel prepared for these events. Assign responsibilities to managers and their teams. When everyone knows what their jobs are, responses to breaches and incidents will be quicker.

Notifying affected parties is a core activity after a breach. Prepare notification messages in advance for fast delivery and clear communication to those affected, authorities, and data controllers.

Finally, hold a post-mortem. This post-security incident analysis should cover what the team learned, what updates or recurring negative patterns you need to address, and any other communication you need to send, if any.

Conclusion: Build trust with your privacy management program

Including these 13 areas in your privacy management program won’t just ensure you’re following local and international privacy standards. They’ll additionally give you a competitive advantage, no matter what industry you’re in.

In fact, when you build around these principles — treating it as a living program to be continuously improved — customers will naturally trust the transparency and obvious care you take with their information. When users are becoming increasingly wary of business practices, gaining hard-won trust can help your business face the future with confidence.

A privacy management platform can help you foster trust with customers at scale. Automating the most important and time-consuming tasks, this software helps you deliver on your privacy promises to users — on time, every time. OneTrust Privacy Management software is designed to do just that. Reach out to schedule a demo or start your free trial today.

 

Download The Ultimate Guide to Privacy Management eBook


You may also like

Webinar

Privacy Management

Scaling to new heights with AI Governance

Join OneTrust experts to learn about how to enforce responsible use policies and practice “shift-left” AI governance to reduce time-to-market.

June 25, 2024

Learn more

eBook

Privacy Management

Understanding data transfers under the GDPR ebook

In the ebook, we delve into the fallout from Schrems II and explore how organizations based in Europe can best navigate international data transfers under the GDPR.

June 05, 2024

Learn more

Webinar

Privacy Management

Unlocking data as a strategic asset

Learn how to enhance your privacy program maturity to deliver strategic business value with first-party data, create dynamic end-user experiences, and more.

May 29, 2024

Learn more

Webinar

Trust Transformation

Privacy and trust in action: Implementing best practices in today's privacy landscape

Join OneTrust and Red Clover to discuss how earning trust is the key strategic objective of a mature data privacy program.

May 14, 2024

Learn more

Webinar

Privacy Management

Best practices for managing employee DSARs in the EU and UK

In this webinar, our panel of experts will explore best practices for managing common complexities experienced when managing DSARs in the EU and UK.

May 08, 2024

Learn more

Webinar

Privacy Management

Integrating privacy strategically into your business

Join this session to learn how to take your data privacy program to the next level by building upon your existing capabilities, automating core privacy workflows, and more.

April 24, 2024

Learn more

Webinar

Privacy Management

Federal US privacy bill on the horizon? Exploring the draft APRA & new state privacy legislation

Join OneTrust DataGuidance and expert contributors for an overview of the Kentucky Consumer Privacy Act (KCPA), Maryland's Senate Bill 0541, and the draft American Privacy Rights Act and explore how a federal bill could shape the US privacy landscape.

April 23, 2024

Learn more

Webinar

Privacy Management

April Privacy & Data Governance Cloud demo webinar

See how OneTrust's Privacy & Data Governance Cloud operationalizes regulatory compliance and helps ensure privacy and responsible data use.

April 17, 2024

Learn more

Resource Kit

Privacy Management

Privacy by Design resource kit

This resource kit offers a range of content to help you understand the concept of Privacy by Design and provide guidance on best practices for its successful implementation.

April 04, 2024

Learn more

Interactive Tool

Privacy Management

OneTrust Data Privacy Maturity Model self-assessment

This self-assessment will help you to gauge the maturity of your privacy program and understand the areas the areas of improvement that can further mature your privacy operations.

April 01, 2024

Learn more

Webinar

Privacy Management

Building foundational data privacy compliance

Join this session to learn how to build a strong privacy foundation to achieve your compliance objectives and lay the groundwork for more strategic privacy programs.

March 26, 2024

Learn more

Checklist

Privacy Management

Preparing to self-certify with the EU-US DPF checklist

Self-certify for the EU-US DPF framework and comply with its seven core principles with this checklist.

March 26, 2024

Learn more

Webinar

Privacy Management

Spring into action! Navigating CPRA: Ensuring compliance and protecting privacy

Join us for an interactive webinar we dive into the CPRA, which will go into force on March 29th.

March 21, 2024

Learn more

Webinar

Privacy Management

Navigating data privacy in 2024: Global regulatory updates & compliance strategies

Join our webinar for a comprehensive overview of the latest global data privacy regulations and updates impacting businesses in 2024 and how to prepare.

March 20, 2024

Learn more

Webinar

AI Governance

AI in (re)insurance: Balancing innovation and legal challenges

Learn the challenges AI technology poses for the (re)insurance industry and gain insights on balancing regulatory compliance with innovation.

March 14, 2024

Learn more

Webinar

Privacy Management

Fintech, data protection, AI and risk management

Watch this session for insights and strategies on buiding a strong data protection program that empowers innovation and strengthens consumer trust.

March 13, 2024

Learn more

Webinar

Third-Party Risk

TPRM privacy compliance: 10 best practices when working with third parties

How can you build a privacy-focused TPRM program? In this webinar, we discuss best practices for privacy compliance when working with third parties, from onboarding to offboarding.

March 13, 2024

Learn more

Webinar

Privacy Management

Managing cybersecurity in financial services

Get the latest insights from global leaders in cybersecurity managment in this webinar from our Data Protection in Financial Services Week 2024 series.

March 12, 2024

Learn more

Webinar

AI Governance

Government keynote: The state of AI in financial services

Join the first session for our Data Protection in Financial Services Week 2024 series where we discuss the current state of AI regulations in the EU.

March 11, 2024

Learn more

Report

Data Discovery & Classification

The KuppingerCole Leadership Compass on Data Governance

OneTrust has been named a leader in the 2024 KuppingerCole Leadership Compass on Data Governance, receiving the highest rating for Product​, Innovation​, and Market.

March 08, 2024

Learn more

eBook

Privacy Management

Preparing to self-certify with the EU-US DPF

The EU-US DPF represents an important mechanism for US-based companies to lawfully transfer personal data form the EU to the US. Use this eBook to learn more about how to self-certify with the framework and its seven core principles.

March 07, 2024

Learn more

Infographic

Data Discovery & Classification

OneTrust Privacy & Data Governance Cloud gains momentum with widespread industry recognition

OneTrust maintains its leading position in Privacy & Data Governance, with a record number of recognitions in the last six months from KuppingerCole and Forrester

March 07, 2024

Learn more

Webinar

Privacy & Data Governance

Unlocking value through responsible use of data

Learn about the data privacy maturity model and how your privacy teams can move beyond compliance to become strategic enablers for their business.

February 28, 2024

Learn more

eBook

Privacy Management

Quebec's Law 25: What the CPO wants the CTO to know

Quebec’s Law 25 is a major legislative development in Canadian privacy that will have a significant effect on IT systems. Learn more about what the CPO wants the CTO to know.

February 26, 2024

Learn more

eBook

Privacy Management

Understanding the Data Privacy Maturity Model

Data privacy is a journey that has evolved from a regulatory compliance initiative to a customer trust imperative. This eBook provides an in-depth look at the Data Privacy Maturity Model and how the business value of a data privacy program can realised as it matures.

February 07, 2024

Learn more

Infographic

Privacy Management

OneTrust named a leader in The Forrester Wave™: Privacy Management Software, Q4 2023 report​

See why OneTrust was named a Leader in The Forrester Wave™: Privacy Management Software, Q4 2023 report.

February 07, 2024

Learn more

Webinar

Privacy Management

The road to 50 states: New Jersey and New Hampshire join the US privacy landscape

oin OneTrust DataGuidance for a webinar highlighting the key requirements within the new US laws, New Jersey Senate Bill 332 and New Hampshire Senate Bill 255.

February 01, 2024

Learn more

Webinar

Privacy Management

Data Privacy Day 2024: Reflecting on the past year and anticipating the next

Join our panel of expert privacy professionals as they dissect the key happenings in 2023 and how privacy professionals can approach what may occur in 2024.

January 31, 2024

Learn more

eBook

Privacy Management

Your Data Privacy Day handbook

This guide give you a range of information and resources to raise privacy awareness this Data Privacy Day. 

January 22, 2024

Learn more

Webinar

Privacy Automation

Embedding Privacy by Design through PIA Automation

Join us for a webinar on Embedding Privacy by Design through PIA Automation.

January 11, 2024

Learn more

Report

Privacy Management

The Forrester Wave™: Privacy Management Software, Q4 2023

Download the report see why OneTrust is named a leader in The Forrester Wave™: Privacy Management Software, Q4 2023 Report.

December 14, 2023

Learn more

Webinar

Privacy Management

Automating fulfillment of subject rights requests in the US

Learn how Privacy Rights Automation helps to fully automate privacy rights requests. 

December 06, 2023

Learn more

Infographic

Privacy Management

OneTrust announces partnership with Europrivacy

Learn how OneTrust and Europrivacy's partnership can help your organization achieve GDPR compliance and build trust with your customers.

December 06, 2023

Learn more

Webinar

Privacy Management

Live Demo: How to holistically manage data transfers and data sharing requirements

Live demo of the OneTrust Privacy Cloud, exploring how to manage Data Transfers, perform TIAs, and enforce consumer opt-out of the sale/share of personal data.

December 05, 2023

Learn more

Webinar

AI Governance

Revisiting IAPP DPC: Top trends from IAPP's privacy conference in Brussels

Join OneTrust and KPMG webinar to learn more about the top trends from this year’s IAPP Europe DPC. 

November 28, 2023

Learn more

Webinar

Privacy Management

December's deadline: Ensuring compliance with Utah's privacy regulation

Join us for a webinar as we explore the impending implementation of the Utah Privacy Law, set to take effect on December 31, 2023.

November 14, 2023

Learn more

Webinar

GRC & Security Assurance

Empowering your cyber defense: Key insights into the latest NIST CSF update with PwC

Join this webinar with OneTrust and PwC and gain insights into the upcoming NIST CSF update and learn how to effectively deploy it across your organization.

November 09, 2023

Learn more

eBook

Privacy Management

Data privacy and data protection: The basics explained

Whether you’re new to privacy or have been working in the space for some time, it can be a confusing place. In this eBook we explain the basics.

November 01, 2023

Learn more

Webinar

Privacy Management

Managing data transfers within the UK & EU

Join our experts as we discuss ways to effectively manage data transfers between the UK & EU while staying compliant with the latest privacy regulations.

October 31, 2023

Learn more

Infographic

Privacy Management

The principles of the EU-US DPF

The EU-US Data Privacy Framework is based upon seven core principles that organizations must comply with to certify with the framework.

October 30, 2023

Learn more

Webinar

Third-Party Risk

5 Ways to save time when assessing third parties for privacy and security risks webinar

Join our webinar and learn how to save time and streamline third-party risk assessment throughout the TPRM lifecycle.

October 25, 2023

Learn more

Webinar

Privacy Management

Revisiting the ICO Data Protection Practitioner's Conference: Addressing your top challenges

Join OneTrust and KPMG UK to discuss the challenges of employee SARs, managing your breach response with third parties, and incident management.

October 25, 2023

Learn more

Webinar

Privacy Management

Embedding privacy by design to enforce responsible use of data

In this webinar, we explore the latest in Privacy by Design standards and how to effectively manage the balance between Privacy and Data Governance.

October 18, 2023

Learn more

Webinar

The Shifting US Privacy Landscape: Lessons learned from enforcement actions and emerging trends

Stay ahead of US privacy laws as we explore the lessons learned from CCPA and FTC enforcement and how AI is effecting the regulatory landscape.

October 12, 2023

Learn more

eBook

Third-Party Risk

Data privacy compliance and Third-Party Management: A unified approach

Understand the importance of data privacy in third-party risk management, and 10 best practices for achieving privacy compliance when working with third parties.

October 12, 2023

Learn more

Webinar

Privacy Management

The Finalization of the UK-U.S. Data Bridge

A webinar discussion of significant points and implications of the new UK-US Data Bridge.

October 10, 2023

Learn more

eBook

Privacy Management

A look at processing principles under the GDPR, CCPA, and the EU-US DPF

Download this ebook to understand the principles of the GDPR, CCPA (as amended), and the EU-US DPF and to compare their similarities and differences.

October 02, 2023

Learn more

Webinar

Privacy Management

Privacy in practice: DSAR with PA Consulting

Join OneTrust and PA Consulting as we deep dive into the latest ICO requirements on SARs, handling DSARs, and the benefits of automation.

September 28, 2023

Learn more

Infographic

Privacy & Data Governance

Understanding the EU Data Boundary

Download our free infographic and get the information you need to understand the EU Data Boundary and how to properly handle data in the European Union.

September 22, 2023

Learn more

Webinar

Privacy Management

Privacy in practice: PIA & DPIA with PA Consulting

Join OneTrust and PA Consulting as we discuss what makes an effective PIA, best practices, and the benefits of automation.

September 21, 2023

Learn more

Report

Privacy Management

OneTrust named a Worldwide Leader in IDC MarketScape for Data Privacy Compliance Software

Download the latest IDC MarketScape report and see why OneTrust is a Leader in Data Privacy Compliance Software.

September 21, 2023

Learn more

Webinar

Privacy Management

The road to privacy compliance: A spotlight on Oregon & Delaware legislation

We explore the new Oregon and Delaware privacy laws, how they differ from other US privacy laws, and what they mean for your business.

September 14, 2023

Learn more

Webinar

Privacy & Data Governance

Privacy in practice for data mapping: With PA Consulting and Syngenta

Join OneTrust and panelists from PA Consulting and Syngenta as we explore practical ways to build an effective data mapping program, best practices, and the need for automation.

September 14, 2023

Learn more

Webinar

Privacy Management

India's DPDPA: What you need to know

In this webinar, legal experts discuss India's newly enacted comprehensive privacy law, the Digital Personal Data Protection Act, 2023 ('DPDPA') 

September 12, 2023

Learn more

Infographic

Privacy Automation

The ROI of privacy notice management infographic

Download this infographic and see the ROI benefits of privacy notice management automation with OneTrust Privacy Notice Management.

September 05, 2023

Learn more

Regulation Book

Privacy Management

Utah Consumer Privacy Act law book

Download the Utah Consumer Privacy Act law book and have the official UCPA text at your fingertips for when the law takes effect on December 31, 2023.

September 04, 2023

Learn more

eBook

Privacy Management

Responsible data use: Navigating privacy in the information lifecycle eBook

Download this eBook and get the insights you need to safeguard customer privacy and ensure responsible data use in the information lifecycle.

August 22, 2023

Learn more

Blog

Privacy Management

The road to 50 states: Delaware and Oregon join the US privacy landscape

Get in-depth analysis on two upcoming US Privacy laws, the Oregon Consumer Privacy Act (OCPA) and the Delaware Personal Data Privacy Act (DPDPA), with OneTrust DataGuidence and a panel of experts.

August 10, 2023

Learn more

Resource Kit

GRC & Security Assurance

PCI DSS essentials: A resource collection for compliance

Achieve PCI DSS standard compliance with our comprehsive guide to safeguarding your organization's payment card data.

August 09, 2023

Learn more

Report

OneTrust ranks #1 in 2022 market share report on data privacy software

Learn why OneTrust is #1 in 2022 data privacy compliance software market share with this report.

August 07, 2023

Learn more

eBook

Privacy Management

EU-US Data Privacy Framework: Your questions answered

What you need to know about the new EU-US Data Privacy Framework and international data transfers.

July 26, 2023

Learn more

Resource Kit

Privacy Management

EU-US Data Privacy Framework resource kit

Download our EU-US Data Privacy Framework resource kit to better understand the new aggreement for cross-border personal data transfers and how to educate your stakeholders.

July 20, 2023

Learn more

Webinar

Privacy Management

Managing data transfers

Register for this free webinar to learn how to effectively manage international data transfers in the wake of Schrems II.

July 18, 2023

Learn more

Webinar

Privacy Management

The finalization of the EU-US Data Privacy Framework

Join us for an expert panel as we discuss the finalized EU-US Data Policy Framework and what it means for organizations managing international data transfers.

July 13, 2023

Learn more

Webinar

Responsible AI

Unpacking the EU AI Act and its impact on the UK

Prepare your business for EU AI Act and its impact on the UK with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Learn more

Webinar

Privacy Management

Now in effect: Colorado and Connecticut privacy laws

In this free webinar, our privacy experts delve into the new Colorado and Connecticut privacy laws and how they differ from other US state regulations.

July 12, 2023

Learn more

Webinar

Privacy Management

Privacy & Data Governance monthly demo webinar

Watch a demo of our Privacy & Data Governance Cloud and discover how to operationalize compliance and enable trusted data use.

July 12, 2023

Learn more

Infographic

Governance & Policy Management

The 6 principles of data responsibility

Download the infographic to learn more about the 6 guiding principles for data responsibility and why it is crucial that you follow them.

July 11, 2023

Learn more

eBook

Privacy Management

The 7 principles of Privacy by Design

Learn about the seven fundamental principles of Privacy by Design and how to apply them to your business.

July 10, 2023

Learn more

Webinar

Third-Party Risk

Are your third parties a privacy compliance liability? 5 tips to reduce your exposure

Join our webinar and learn how to create an effective, privacy-focused third-party risk management (TPRM) program that streamlines recordkeeping and reduces your risk exposure.

July 05, 2023

Learn more

Data Sheet

Privacy Automation

Certification Automation: Managing PCI DSS compliance

See how OneTrust Certification Automation streamlines PCI DSS compliance by identifying controls and requirements with automation.

July 05, 2023

Learn more

Webinar

Privacy Management

Unpacking the EU-US DPF

In this webinar, we cover the new EU-US Data Privacy Framework (EU-US DPF) and what privacy program managers need to know for post-Schrems II data transfers.

June 28, 2023

Learn more

Webinar

Privacy Management

New states, new dates: Preparing for Indiana, Montana, Tennessee and Florida state privacy laws

Join our expert panel where we examine upcoming privacy legislation in Indiana, Montana, Tennessee, and Florida and the key requirements of each law.

June 20, 2023

Learn more

Checklist

Privacy Management

The Revised FADP: 7 steps toward preparedness

Prepare for Switzerland’s Revised Federal Act on Data Protection (Revised FADP) when it comes into force on September 1, 2023 with our free compliance checklist.

June 15, 2023

Learn more

Webinar

Privacy Management

Vietnam PDPD: What you need to know

Join our expert webinar as we discuss the Vietnam PDPD, its key requirements, and how your organization should prepare for its July 1, 2023 effective date.

June 06, 2023

Learn more

Webinar

Privacy Management

Staying compliant: How to manage data transfers around the globe

In this webinar, we look at the subject of internation data transfers and how to effectively navigate regional laws and mitigate the risk of non-compliance.

June 06, 2023

Learn more

Webinar

Privacy Management

Orchestrate data retention & minimization for compliance with US state privacy laws

Join this interactive webinar to learn how OneTrust helps orchestrate data retention and minimization for compliance with US privacy laws.

June 06, 2023

Learn more

Webinar

Privacy Management

EU-US data transfers: Breaking down DPC’s Meta decision

Join us for this webinar as we break down the May 22, 2023 DPC Meta decision and cover the key takaways for EU-US data transfers.

June 01, 2023

Learn more

Infographic

Privacy Automation

The ROI of DSAR automation

Learn how DSAR automation streamlines privacy rights requests and saves your organization time and resources.

June 01, 2023

Learn more

Webinar

Privacy Management

Saudi Arabia's PDPL latest amendments: Are you ready?

Join OneTrust and Deloitte Middle East as we cover the latest changes to Saudia Arabia's Personal Data Protection Law (PDPL) and what it means for organizations in the KSA region.

May 30, 2023

Learn more

Webinar

AI Governance

The EU's AI Act and developing an AI compliance program

Join Sidley and OneTrust DataGuidence as we discuss the proposed EU AI Act, the systems and organizations that it covers, and how to stay ahead of upcoming AI regulations.

May 30, 2023

Learn more

Infographic

Privacy & Data Governance

The 3 priorities of the French DPO: Gain visibility, take action, automate

Download our infographic and learn about the 3 priorities of the French DPO.

May 30, 2023

Learn more

Regulation Book

Privacy Management

Colorado Privacy Act law book

The Colorado Privacy Act (CPA) comes into force on July 1. Get the law's official text right at your fingertips.

May 30, 2023

Learn more

eBook

Privacy Management

Connecticut Data Privacy Act law book

Get the complete text of the Connecticut Data Privacy Act (CTDPA) for your reference.

May 30, 2023

Learn more

Report

Privacy & Data Governance

Gartner® Innovation Insights: Data Security Posture Management (DSPM)

Read this report from Gartner® that highlights some of the key capabilities needed in a DSPM.

 

May 30, 2023

Learn more

Webinar

Privacy Management

GDPR turns 5: Celebrating data protection

Northern Europe panel - Join our panel of experts as they recap the GDPR, its key concepts, and what it means for organizations and compliance. 

May 25, 2023

Learn more

Webinar

Privacy Management

Global Panel — GDPR & Tech: Key considerations of Privacy by Design and AI in tech

Join our panel of experts as we discuss the impact GDPR had on the tech industry during the past five years, the importance of privacy by design, and what to expect with AI and regulation.

May 25, 2023

Learn more

Webinar

Privacy Management

5 years of GDPR: Milestones, challenges, and opportunities

Eastern European panel - Watch our webinar as we look back on 5 years of the GDPR, AI, and their impact on Europe, the world, and your organization.

May 24, 2023

Learn more

Webinar

Privacy & Data Governance

Global Panel — GDPR & Healthcare: current regulatory guidance and enforcement

In this live webinar, our expert panel examines the first five years of the GDPR, how it changed the healthcare industry, and the changing global regulatory landscape.

May 24, 2023

Learn more

Webinar

Trust Intelligence

How the Onetrust platform is innovating to unlock the value of trust

Join this webinar to learn how OneTrust is enhancing its privacy management, data governance, and consent and preferences solutions to help organizations tackle data sprawl and enable regulatory agility.

May 24, 2023

Learn more

Webinar

Privacy Management

Global Panel — GDPR & Retail: building customer loyalty and trust with consent and privacy

Join us for a live panel as we discuss GDPR's impact on the retail and eCommerce industry and how companies evolved to meet the global regulatory landscape.

May 23, 2023

Learn more

eBook

Privacy Management

Getting started with GDPR compliance

This eBook covers the fundamental information you need to know in order to get your GDPR compliance program started and how OneTrust helps. 

May 23, 2023

Learn more

Infographic

Privacy Management

Comparing the FADP, Revised FADP, and the GDPR

Download our infographic to see how the Revised FADP compares with its original version and the GDPR.

May 23, 2023

Learn more

Webinar

Privacy Management

Global Panel — GDPR & Finance: Staying ahead of the regulatory and cyber landscape

How has the GDPR affected the financial industry? Join our live panel as we examine how it companies evolved to meet the regulatory challenges and what can be done to stay ahead of the curve.

May 22, 2023

Learn more

Webinar

Privacy Management

Understanding Washington's My Health My Data Act

The Washington My Health My Data Act was signed into law on April 27, 2023 and will be enacted the following year. Join OneTrust DataGuidance and a team of legal experts and get the knowledge you need for compliance.

May 18, 2023

Learn more

Infographic

Privacy Management

Comparing Canada's privacy laws infographic

Download this infographic to compare provisions in Alberta, British Colombia, and Quebec with those found at a federal level in PIPEDA and those proposed under the Consumer Privacy Protection Act.

May 18, 2023

Learn more

Infographic

Privacy Management

Top tips for Law 25 compliance

Download this infographic to learn more about Law 25’s provisions, their effective dates, and what you can do for compliance. 

May 18, 2023

Learn more

Webinar

Privacy & Data Governance

Operationalizing the Iowa Consumer Data Protection Act

Join the Privacy experts at OneTrust for an update on the new law and learn key requirements of Iowa’s new privacy law and more.

May 16, 2023

Learn more

Webinar

Privacy Management

Operationalizing employee privacy for CPRA compliance

Join this interactive webinar to learn how OneTrust helps to operationalize employee privacy for the California Privacy Rights Act (CPRA) compliance.

 

May 10, 2023

Learn more

In-Person Event

Privacy & Data Governance

Privacy in practice

Join us for a deep dive into embedding privacy by design into the fabric of your business to promote the responsible use of data.

May 09, 2023

Learn more

Webinar

Privacy Automation

Bridging borders: How to manage international data transfers

This session will cover the regulatory landscape, TIA guidance, and mitigation measures for international data transfers in the wake of the Schrems II case.

April 19, 2023 1 min read

Learn more

In-Person Event

Third-Party Risk

Risk on the Road: Navigating data management, compliance automation and third-party risk

Join this OneTrust live event series, which will address critical topics such as navigating data management, compliance automation and third-party risk.

April 11, 2023

Learn more

Webinar

Privacy Management

The US privacy landscape for third-party risk: a program prototype time

Learn how to balance the intricacies of CPRA, VCDPA, CPA, CTDPA, and UCPA when managing third parties and understanding privacy-related risks.

March 28, 2023

Learn more

Webinar

Privacy Management

Unpacking the new UK Data Protection and Digital Information Bill

Learn more about the UK's new data protection bill, which introduces changes to build a more business-friendly framework while ensuring data adequacy.

March 22, 2023

Learn more

Infographic

De-risking data through visibility and action

The rapid growth of data has increased the risk of data breaches, learn how IT and security teams can secure, monitor, and de-risk that digital information.

March 09, 2023

Learn more

Infographic

Privacy Management

US privacy in 2023: Top 3 compliance priorities

Businesses at different stages of privacy maturity will need to approach US privacy compliance in different ways. Download the infographic to learn more.

March 08, 2023

Learn more

eBook

Privacy Management

The 3 Priorities for DPOs in France: Gain Visibility, Take Action, Automate eBook | Resources | OneTrust

French DPOs should take three priorities into account when building their data protection and compliance programs and processes in 2023.

February 21, 2023

Learn more

Webinar

Privacy Automation

Privacy by design becomes an ISO standard: What you need to know and how to implement for your business

Get an overview of ISO 31700, learn considerations for implementing a PbD framework for your organization, and a look at our Privacy by Design solutions.

February 16, 2023

Learn more

Webinar

Privacy & Data Governance

Data Protection in Financial Services Week: Insurance – the privacy and cyber issues

This session focuses on emerging issues impacting data privacy and cybersecurity in the insurance and reinsurance industry and its cyber insurance products. 

February 08, 2023

Learn more

Webinar

Privacy Management

Data Protection in Financial Services Week: Managing cybersecurity in financial services

This first session will provide a real-time view from the trenches from a globally-recognized leader in cyber operational collaboration and defense.

February 07, 2023

Learn more

Webinar

Privacy & Data Governance

Data Protection in Financial Services Week: Government keynote and international transfers

This session will examine some key issues and recent developments on international data transfers with contributions from key EU, UK, and US regulators.

February 07, 2023

Learn more

Webinar

Privacy Management

Meet opt-out and opt-in consent requirements under US state privacy laws

Join this interactive webinar to learn how OneTrust Consent and Preferences help to enable consumers to opt-out of third-party trackers.

February 06, 2023

Learn more

Report

Privacy & Data Governance

Privacy on the horizon: What organizations need to watch in 2023

The Privacy on the horizon: What organizations need to watch in 2023 report highlights the views of privacy experts and industry leaders at OneTrust.

February 03, 2023

Learn more

Webinar

Privacy Management

Data Privacy Day: Protiviti & OneTrust

Join industry experts at OneTrust & Protiviti for an operational deep dive and interactive Q&A on the upcoming US State laws set to go into effect in 2023.

January 26, 2023

Learn more

Checklist

Privacy Management

7 steps to CPRA compliance

Download this checklist to make sure your organization follows the right steps to implement processes that achieve California Privacy Rights Act compliance.

January 24, 2023

Learn more

Webinar

Consent & Preferences

Expert panel: So you think you have a consent strategy?

As Quebec Bill 64 - also known as Law 25 - takes effect it's important to have a consent strategy that takes you beyond compliance.

January 20, 2023

Learn more

Webinar

Privacy Management

Unpacking new digital data laws across europe: addressing the digital services act

This webinar discusses what companies fall within the DSA's scope, key things companies need to know about the DSA and its obligations, and challenges.

January 10, 2023

Learn more

eBook

Privacy & Data Governance

The ultimate guide to US privacy

Learn more about the three priorities for managing US privacy requirements, including addressing the most visible aspects of US privacy compliance.

December 12, 2022

Learn more

Webinar

Privacy Automation

DSARS: Utilising privacy automation to build a measurable ROI program

We’ll discuss three facets of this problem, such as how to discover, classify and automate your data processes to streamline records of processing activities.

December 07, 2022

Learn more

Webinar

Privacy Management

California’s CPRA enters into effect – Are you compliant?

Watch this on-demand webinar to get an overview of the CPRA including new obligations for businesses and exemptions for select organizations.

December 06, 2022

Learn more

Webinar

Privacy Management

Managing expectations under the UAE’s Personal Data Protection Law webinar

Join this webinar to hear from experts at Simmons & Simmons Middle East LLP and OneTrust about practical tips on complying with the UAE PDPL.

November 28, 2022

Learn more

Webinar

GRC & Security Assurance

Analyzing ISO 27001:2022 reinforcing privacy and security compliance with automation webinar

Learn how InfoSec teams can automate scoping mandatory requirements and streamline generating evidence to prove compliance across ISO.

November 17, 2022

Learn more

Webinar

Privacy & Data Governance

Japan APPI: Are you ready for the upcoming amendments?

Watch this webinar for an overview of the upcomining Japan APPI amendments and what it means for your organization.

October 31, 2022

Learn more

Webinar

Privacy Management

Expert Panel: Navigating Quebec Bill 64 (Law 25)

Our industry experts discuss what makes Law 25 unique and how the impending changes will influence business decisions across industries in Canada.

October 20, 2022

Learn more

Webinar

Third-Party Risk

How OneTrust can help scale your Third-Party Risk program

In this webinar, we provide a live product demonstration to show you how your organization can optimize and scale a third-party risk program.

October 18, 2022

Learn more

Webinar

Third-Party Risk

7 core metrics every third-party risk program must track (and how to track them)

We’ll discuss the 7 core metrics successful third-party risk programs track and how to track them, such as critical metrics to track as your program matures.

September 28, 2022

Learn more

Webinar

Privacy Management

California Age-Appropriate Design Code Act: What you need to know

Watch our webinar, where legal experts from Latham and Watkins LLP discussed an overview of the recently signed Assembly Bill 2273 and its requirements.

September 26, 2022

Learn more

Webinar

Privacy & Data Governance

Operationalizing quebec bill 64 (Law 25): Steps to take & pitfalls to avoid

In this video, you will learn how OneTrust allows you to operationalize in detail the top practical elements of Bill 64 and how to maintain these practices.

September 26, 2022

Learn more

Webinar

Privacy Management

Unpacking new digital data laws across Europe: Addressing the digital markets act

Learn challenges related to the enforcement of the DMA, such as the interplay between the DMA’s data-related obligations and other regulatory instruments.

September 20, 2022

Learn more

Webinar

Privacy Automation

Establishing and enforcing retention policies

In this webinar, we will cover data policy requirements across the EU and discuss steps to automate data policy management and operational considerations.

September 05, 2022

Learn more

Webinar

Privacy Automation

Don’t just document it,​ enforce it. Embedding​ privacy by design into​ cloud migrations

Learn how businesses can implement governance policies like retention, minimization, and open access through integrating technologies to minimize risks.

September 05, 2022

Learn more

Webinar

Third-Party Risk

10 best practices for streamlining your third-party risk management workflows

Watch this webinar to hear how to leverage third-party risk management workflow creation and maintenance best practices.

August 30, 2022

Learn more

Webinar

Third-Party Risk

Cybersecurity panel: How well do you know the threats posed by your third parties?

In this panel discussion, we address critical points such as defining the metrics to track in relation to third parties and their cybersecurity risks.  

August 28, 2022

Learn more

Webinar

Privacy Management

A look at the US privacy landscape

This webinar will cover requirements, governing bodies, enforcement expectations for CPRA, VACDPA, CPA, CTDPA, and UCPA, and updates on the ADPPA.

August 25, 2022

Learn more

Webinar

Privacy Management

Employee vs. consumer rights: Same concept, different reality

Join this webinar to learn about the rights request fulfillment complexities introduced by the end of the employee exclusion in the CPRA.

August 25, 2022

Learn more

Webinar

Privacy Management

Expanded US consumer rights: What’s new and what should you do?

Join our experts to understand the operational impact of these newly-expanded US consumer rights and how to automate consumer rights request fulfillment.

August 25, 2022

Learn more

Webinar

Privacy Management

Privacy risk assessments in the US: Why, when, and what?

In this webinar, OneTrust experts discuss requirements for conducting PIAs: why they exist, when you should do them, and what they should include.

August 24, 2022

Learn more

Regulation Book

Privacy Management

Comprehensive US Privacy Law Book

Download our Comprehensive US Privacy Law Book to easily refer to the law text from all current regulations in the US privacy landscape, such as the CPRA.

August 23, 2022

Learn more

Webinar

Third-Party Risk

Third-Party risk and the U.S. privacy landscape: the top 5 things you need to know

In this webinar, we’ll review services providers under the ADPPA and outline how you can ready your third-party risk program to align with privacy regulations.

July 31, 2022

Learn more

Webinar

Privacy Management

Establishing and enforcing retention policies

Attend our webinar, "Establishing and enforcing retention policies," part of the US Privacy Laws Masterclass Series.

July 27, 2022

Learn more

Webinar

Third-Party Risk

Better by tomorrow: 7 third-party risk assessment best practices you can implement today

In this webinar, we’ll explore these questions and layout 7 must-know best practices to conduct more meaningful third-party risk assessments.

July 15, 2022

Learn more

Webinar

Privacy Management

Utah and Connecticut: Latest additions to the US Privacy landscape

Watch our webinars on the latest privacy laws from Utah and Connecticut and what you need to know to prepare in 2023.

June 17, 2022

Learn more

eBook

Privacy & Data Governance

Comparing US state privacy laws

Download this eBook and explore the key areas of US state privacy laws and how they compare. 

June 15, 2022

Learn more

Webinar

Privacy Management

How to identify & respond to privacy incidents

Join this webinar and learn how to build an Incident Management Playbook to address global privacy incidents.

June 07, 2022

Learn more

Webinar

Third-Party Risk

Third-Party risk best practices: How to align privacy & security teams for greater productivity

This webinar will discuss best practices for how privacy and security teams can work together to eliminate redundant work, save time, and be more efficient.

June 06, 2022

Learn more

Webinar

Privacy Management

Incident management: How European companies can build trust

Watch this webinar to learn how responding to all kinds of incidents big and small creates a culture of trust. 

May 24, 2022

Learn more

Webinar

Data Discovery & Security

Rethinking trusted data

Join us for a discussion on the latest trends in trusted data and how you can take critical steps to build trust in data practices

May 24, 2022

Learn more

Webinar

Privacy Management

Data regulation ramps up in Europe: DMA, DSA, and the UK Online Safety Bill

Watch this webinar as we discuss the EU's Digital Markets Act (DMA) and the Digital Services Act (DSA) as well as the UK Online Safety Bill (UK OSB) 

May 19, 2022

Learn more

Webinar

Privacy Management

Thailand privacy landscape: Enforcement of the PDPA & New developments

Watch our webinar on Thailand Personal Data Proctection Act (PDPA) and what it means for data processors and controllers.

May 15, 2022

Learn more

Webinar

Privacy Automation

OneTrust and Microsoft come together to automate employee rights requests

Join OneTrust and Microsoft in this webinar where we discuss our automated tool for processesing DSAR requests.

May 11, 2022

Learn more

eBook

Privacy Automation

The ultimate guide to privacy program automation

Download our guide and learn how automation allows teams to address broader aspects of their privacy programs such as DSARs, incident management, and more. 

April 26, 2022

Learn more

Resource Kit

Privacy Management

Your US privacy masterclass resource kit

These resources provide key information on US privacy law through blogs, webinars, and eBooks.

April 26, 2022

Learn more

Webinar

Third-Party Risk

Accelerating automation: How the pandemic forced third-party management to scale

Watch this webinar and see how the COVID-19 pandemic forced companies to accelerate automation and scale their third-party management.

April 26, 2022

Learn more

Webinar

Data Discovery & Classification

UK panel: What are data subject access requests and how do you manage them?

Join our UK legal experts as they discuss data subject rights access requests (DSAR) and how automation streamlines fulfilment and protects privacy.

April 19, 2022

Learn more

Webinar

Privacy Management

Privacy rights poland: Enhance Your DSAR process with automation, discovery & redaction

As part of our Privacy Automation webinar series, we discuss why it's important to automate DSAR fulfillment and the latest regulatory trends. 

April 03, 2022

Learn more

Webinar

Privacy Management

Managing sensitive personal information (SPI)

Watch our masterclass webinar for a deep dive on sensitive personal information (SPI) and best practices for compliance.

March 24, 2022

Learn more

Webinar

Privacy Management

Consumer rights: What’s new in 2023

Watch this webinar to learn about US consumer privacy rights in 2023 and practical steps you can take to make compliance. 

March 24, 2022

Learn more

Webinar

Privacy Management

Employee rights: Prepare for the CPRA’s Employee Inclusion

Watch this webinar and prepare for compliance with the CPRA's employee rights requirements. 

March 24, 2022

Learn more

Webinar

Privacy Management

Overview: Understanding the trio of US privacy laws

Attend our webinar, to better understand privacy laws in the US.

March 23, 2022

Learn more

Webinar

Privacy Management

New to US privacy: Privacy impact assessments

Watch our webinar as we discuss privacy impact assessments and how they relate to US privacy laws.

March 23, 2022

Learn more

Webinar

Privacy Management

Navigating opt-out of sale vs. share

Watch our US Privacy Law masterclass to  learn about opt-out of sales and share requirements and best practices for approaching compliance.

March 23, 2022

Learn more

Webinar

Privacy Management

Privacy rights: Enhance Your DSAR process with automation, discovery & redaction

As part of our Privacy Automation webinar series, we discuss why it's important to automate DSAR fulfillment and the latest regulatory trends. 

March 22, 2022

Learn more

Webinar

Data Discovery & Classification

UK DSAR automation: From intake to redaction and beyond

Join us for this instalment of our Future of Privacy Automation Series for a discussion of the challenges, key components, and building blocks of DSAR automation.

March 14, 2022

Learn more

Webinar

Data Discovery & Classification

Tackling unstructured data challenges

In this webinar, learn about the risks of unstructured data and effective strategies in automating discovery.

March 02, 2022

Learn more

Webinar

Privacy Management

Privacy 101: Steps to establishing a sustainable privacy program

Join CrossCountry Consulting and OneTrust to learn everything you need to get the fundamentals of building a privacy program.

February 24, 2022

Learn more

Webinar

Privacy Management

US Privacy series: Effectively governing personal and sensitive personal information part 3

Watch our webinar on US privacy laws and gain insight on effective personal information managment strategies.

February 02, 2022

Learn more

Webinar

Privacy Management

Privacy 101: Where do I start?

Join LevelUp and OneTrust to learn everything you need to get started in building or improving an existing privacy program.

January 20, 2022

Learn more

Webinar

Privacy Management

Privacy 101: The basics of building a privacy program (No matter your size)

Join Red Clover Advisors and OneTrust to learn everything you need to get the fundamentals of building a privacy program.

January 20, 2022

Learn more

Webinar

Privacy Management

Austria DSB rules on Analytics Complaint: The implications on data transfers

Watch this free webinar and learn about the recent Austrain DSB ruling on Google Analytics and the implicactions on data transfers under the GDPR.

January 19, 2022

Learn more

Webinar

Privacy Management

Global data residency requirements: What you need to know

Watch our webinar on global data residency requirements and learn about their implications and challenges.

January 18, 2022

Learn more

Webinar

Privacy Management

Mature your privacy program through automation, intelligence & governance

Watch this webinar and learn how to achieve real time visibility into you data and the policies for an effective privacy program.

January 14, 2022

Learn more

Infographic

Privacy Automation

4 steps for automating your privacy platform

Automate your privacy program and reduce manual inefficiencies

January 13, 2022

Learn more

Webinar

Privacy Management

Israel Privacy Protection Bill: Unpacking the proposed amendments

Watch this webinar where we discuss the Israel Privacy Protection Bill, its proposed amendments, and what it means for your organization.

January 13, 2022

Learn more

Webinar

Privacy Management

US Privacy series: Effectively governing personal and sensitive personal information part 2

Join us for an overview of US privacy laws and strategies for dealing with compliance.

January 11, 2022

Learn more

Webinar

Data Discovery & Security

Automating the classification and mapping of sensitive data​

In this free webinar, learn how to automate the classification and mapping of sensitive data and speed compliance.

January 10, 2022

Learn more

eBook

Privacy Management

CCPA vs. CPRA: next steps

The CPRA enters into effect on Jan 1, 2023 expanding the CCPA's requirements. This eBook outlines the next steps from CCPA to CPRA compliance.

January 05, 2022

Learn more

Webinar

Privacy Management

2022 Third-party trust predictions and preparations

Prepare for 2022 Trends in Third-Party Risk Management and future-proof your Third-Party Trust program.

January 04, 2022

Learn more

Webinar

Privacy Management

[Part 1] US Privacy Series: Establishing a foundation for compliance

In the first part of our US Privacy Series, we discuss US privacy laws such as the CPRA and best practices towards compliance. 

December 21, 2021

Learn more

Webinar

Privacy Management

Operationalizing iOS app account deletion

Watch our webinar on implementing account deletion for iOS apps and best practices.

December 09, 2021

Learn more

Checklist

Privacy Automation

Automate your privacy program

Download the checklist and discover the steps you can take to automate critical processes across your privacy program.

December 01, 2021

Learn more

Webinar

Consent & Preferences

Google consent mode & OneTrust CMP

Learn the benefits of using Google Consent Mode with the OneTrust CMP (Cookie Consent) to balance compliance and marketing objectives.

October 27, 2021

Learn more

Webinar

Privacy Management

CCPA, CPRA, and Global Privacy Control: Moving toward a more private web

Watch this webinar to learn about Global Privacy Control (GPC), how it centralizes user opt-out preferences, and streamlines compliance with CCPA and CPRA. 

September 08, 2021

Learn more

Webinar

Privacy Management

Managing data retention strategies

As organizations become more data-driven, one of their biggest challenges is managing data retention strategies.

August 27, 2021

Learn more

Webinar

Privacy Management

Build an incident management playbook

Prepare for privacy and security incidents by building an incident management playbook.

August 27, 2021

Learn more

Infographic

Privacy Management

CDPA vs CCPA: Comparing US privacy laws

Download this infographic comparing the Virginia CDPA to the California CCPA.

July 22, 2021

Learn more

Webinar

Privacy Management

Know your laws: Japan's APPI

Join the OneTrust DataGuidance privacy analyst team for a deep-dive webinar examining Japan's APPI and what it means for organizations.

July 22, 2021

Learn more

Webinar

Third-Party Risk

Are you a trusted vendor? 10 things every customer wants to know

Access this free webinar to learn how to be a trusted vendor.

July 22, 2021

Learn more

Webinar

Privacy Management

UK adequacy decision: What you need to know

Join this webinar to hear more about the UK Adequacy Decision and what it means for data flows between the UK and the EU.

July 21, 2021

Learn more

eBook

Privacy Management

The Ultimate Guide to Privacy Management eBook

Download the Ultimate Guide to Privacy Management to understand the major factors that contribute to a privacy management program.

June 11, 2021

Learn more

Video

Consent & Preferences

OneTrust Consent & Preference Management demo

Watch this demo video to learn how OneTrust Consent and Preference Management Cloud streamlines the consent lifecycle and accelerates fulfillment. 

October 24, 2020

Learn more

White Paper

Privacy & Data Governance

Privacy governance framework

Download our white paper and learn about OneTrust's Privacy Governance Framework and how it can serve as a blueprint for your privacy program.

January 01, 2020

Learn more

Webinar

US Privacy Masterclass: Countdown to 2023 compliance

Join this US Privacy Masterclass series as we delve into the evolving US privacy landscape and how you can build a trust-based privacy program in 2023.

Learn more

Webinar

Privacy Management

US Privacy Masterclass 2022

Watch the OneTrust US Privacy Masterclass series and gain insight on the major US privacy law and best practices.

Learn more

Webinar

Privacy Management

Privacy in Practice with PA Consulting

Join OneTrust and expert speakers from PA Consulting for a webinar series discussing the need-to-knows for creating a successful privacy management program in your organization.

Learn more

Webinar

Privacy Management

Mature your data privacy program

Learn how to mature your data privacy program beyond reactive compliance to become a strategic enabler for your business.

Learn more

Webinar

AI Governance

Mature your data privacy program

OneTrust DataGuidance and Sidley are joined by industry experts for the annual Data Protection in Financial Services Week.

Learn more