Raytheon Technologies

Raytheon Technologies is an aerospace and defense company that combines technology and world-class engineering to provide advanced systems and services for commercial, military and government customers worldwide. With a network of over 195,000 employees, Raytheon push the boundaries of avionics, cybersecurity, directed energy, electric propulsion, hypersonics and quantum physics, and through this continued innovation has been awarded 40,000 patents. A highly compliant privacy program is important to Raytheon, not only to ensure adequate protection for their employees, but also as a fundamental part of their promise to deliver to their customers. 

Mission Critical: The Need for a Privacy Solution

Accountability and transparency are essential for an organization like Raytheon, it’s important that each area of their privacy program is working efficiently and that this work can be reported to executive members of the board. Russell Densmore, Global Privacy Compliance Senior Program Manager at Raytheon, is responsible for ensuring that every department provides reports with demonstrable evidence of Raytheon’s compliance with data protection laws. For a company with such diverse operations this is no small task and to achieve the high-level accountability that is required, the solution had to lie in technology. 

Raytheon has a large number of assets, meaning that reporting processes were very detailed and time consuming. They needed a solution that would increase efficiency across all of their processes by reducing the number of manual tasks and maximize transparency for reporting. “For every asset that Raytheon has, we carry out a record of processing activities (RoPA), this is vital for ensuring company-wide compliance,” said Russell. 

Launching an Out of This World Privacy Program

Much of Raytheon’s records were all manually inputted into excel spreadsheets, which was time-consuming and made drawing out the right data for reporting a much more difficult task than it needed to be. This is where the OneTrust tools made their first big impact: being able to automate assessment processes and having the results presented in a more accessible format.  

Privacy impact assessments are a fundamental feature of any privacy program and play a key part in Raytheon’s drive for accountability, requiring collaboration from all areas of the business. OneTrust’s PIA tool enables Raytheon to consolidate these assessments into a centralized dashboard, making the entire process more transparent for everyone involved. The PIA tool has helped Russell bring together the activities of different departments and gain a deeper insight into their processes.  

“As a privacy program manager, I aim to provide demonstrable evidence that we as a company are meeting our responsibilities and fulfilling the promises we make on paper,” said Russell.

Understanding the data that they are processing and how this fits into their overall processes is a key focus for Raytheon, and forms the foundation of their whole program. OneTrust’s Data Mapping tool enables the company to build a clear picture of where their data is coming from and how it moves through their various workflows. Having that information presented in such an accessible format means that the rest of the privacy program becomes easier to manage and makes communication about the on-going processes between teams much easier. 

The OneTrust dashboard gives a clear view of Raytheon’s compliance. The privacy team can call up any jurisdiction and present a clear overview of what data is being processed, how it’s being used and show evidence of the appropriate assessments. This added transparency has taken their accountability to a new level, considerably cutting down the time it takes to present the necessary reports.  

“We could achieve almost all of our efficiency focused goals with the Assessment Automation and Data Mapping tools,” said Russell. 

OneTrust DataGuidance has given Raytheon’s privacy team the resources to help structure their privacy research. The easily exportable reports mean sharing information with colleagues is quick and simple, and tailored updates are delivered straight to their inboxes. With the large number of assets that Raytheon operates, the ability to save relevant guidance notes and articles in specific project folders in Workspaces helps focus research and the collaborative capabilities bring the team together. 

“As new regulations are introduced, we can use the DataGuidance tool to find out which requirements apply and need to be considered,” said Russell. 

One of the key benefits for Raytheon is the ability to customize and tailor their OneTrust program to meet specific needs. Privacy cannot be approached with a one-size fits all frame of mind; it requires a flexible, customizable solution that OneTrust provides. In Raytheon’s experience, OneTrust’s agility is clear, the tool has grown and developed to meet the ever-changing needs that the industry presents. 

“The best thing about the OneTrust tool is its flexibility, no two privacy programs are the same and so having the ability to change and fit the tool to your needs is really a key benefit,” said Russell. 

To Compliance and Beyond

Business-wide cross collaboration is key for Raytheon’s compliance goals and the accessibility of OneTrust has helped spread a culture of privacy across the business. As their program develops, they want to continue empowering employees to feel comfortable talking about privacy and understanding the role that they play in achieving compliance.  

“OneTrust has empowered employees to take ownership of their privacy processes across our business, they know more, they know that they’re helping, and they know they’re doing the right thing. They get on board fast,” said Russell. 

Raytheon Technologies continually pushes the boundaries of technology and needs a privacy program that can keep up with the pace. OneTrust have demonstrated their agility in being able to keep up with Raytheon’s privacy program needs and especially during their GDPR implementation, meaning the privacy team feel confident in approaching any new regulations that arise and require a localization focus.