Get Started
LGPD
Products
- The OneTrust Platform
  - OneTrust PrivacyPrivacy Management Software
    - Products
      - Assessment Automation
        Assessment Automation
        Operationalize your privacy program with automated PIAs and DPIAs to efficiently achieve privacy by design.
        
        Key Capabilities
        
        Assessment template library
        
        Seamless lifecycle integrations
        
        Gap analysis and remediation
        
        Centralized privacy dashboard
        
        Learn More
      - Data Mapping
        Data Mapping
        Visualized the entire data lifecycle across IT systems and processing activities to maintain an evergreen data inventory.
        
        Key Capabilities
        
        Data discovery and population
        
        Centralized data flow inventory
        
        Data visualization dashboards
        
        Evergreen data inventory
        
        Records of processing activities
        
        Learn More
      - Consumer Rights (DSAR)
        Consumer Rights (DSAR)
        Automate the fulfillment workflow for consumer rights and data subject requests in order to access, port, or delete it.
        
        Key Capabilities
        
        Customizable request intake form
        
        CCPA toll-free requirements
        
        User identity verification
        
        Data discovery and deletion
        
        Sub-task assignment workflows
        
        Secure communication portal
        
        Learn More
      - Targeted Data Discovery™
        Targeted Data Discovery™
        Automate the manual tasks required to discover, delete, redact, opt out and process access, deletion or opt-out of sale requests.
        
        Key Capabilities
        
        Full process automation
        
        Pre-built system plugins
        
        Faster request fulfillment
        
        Automated workflow builder
        
        Learn More
      - Vendor Risk Management
        Vendor Risk Management
        Automate assessment workflows to streamline the third-party risk management lifecycle, from on-boarding to risk mitigation and off-boarding.
        
        Key Capabilities
        
        Vendor on-boarding automation
        
        Issue and exception management
        
        Audit-ready reports and dashboards
        
        360-degree vendor monitoring
        
        Learn More
      - Privacy Incident Response
        Privacy Incident Response
        Build context-aware automated workflows to rapidly respond to incidents and enhance breach notification decision-making.
        
        Key Capabilities
        
        Database of 300+ breach laws
        
        Streamline breach investigation
        
        Notification guidance built-in
        
        Risk tracking and mitigation
        
        Learn More
      - Privacy Policy & Notice
        Privacy Policy & Notice
        Simplify creating, updating and monitoring privacy policies and notices across websites and apps into one central platform.
        
        Key Capabilities
        
        Responsive policy builder
        
        Website and app integration
        
        Dynamic updates and versioning
        
        Learn More
      - CCPA Toll Free
        CCPA Toll Free
        Add a phone workflow into your consumer rights process to comply with the CCPA’s toll-free number requirement.
        
        Key Capabilities
        
        Customizable phone greeting
        
        Automated back-end workflows
        
        Consumer rights integration
        
        Learn More
      - Cookie Compliance
        Cookie Compliance
        Scan your website(s) for tracker technologies; create and deploy a cookie banner and preference center to capture user consent.
        
        Key Capabilities
        
        Deep website scan technology
        
        Auto-categorization of cookies
        
        Banner and preference layouts
        
        Cookie auto-blocking technology
        
        Dynamic cookie policy updates
        
        Ongoing monitoring and reports
        
        Learn More
      - Mobile App Consent
        Mobile App Consent
        Scan mobile apps for tracking technologies and unknown SDKs for visibility into how the app is sharing data with third parties.
        
        Key Capabilities
        
        Third-party tracker and SDK scans
        
        Mobile consent collection
        
        User preference management
        
        Learn More
      - Universal Consent
        Universal Consent
        Integrate seamlessly into existing consent collection workflows to capture and centrally store user consent records.
        
        Key Capabilities
        
        Consent lifecycle management
        
        MarTech system integrations
        
        Centralized user consent records
        
        Learn More
    - View All
  - OneTrust VendorpediaThird-Party Risk Software
    - Products
      - Assessments & Due Diligence
        Assessments & Due Diligence
        Automate assessment workflows to streamline the third-party risk management lifecycle, from on-boarding to risk mitigation and off-boarding.
        
        Key Capabilities
        
        Vendor onboarding automation
        
        Issue and exception management
        
        Audit-ready reports and dashboards
        
        360-degree vendor monitoring
        
        Learn More
      - Cyber Risk Exchange
        Cyber Risk Exchange
        Research thousands of global vendors with access to aggregated security, privacy and compliance information at a product and service level.
        
        Key Capabilities
        
        Thousands of vendor profiles
        
        Pre-completed assessments
        
        Service and product visibility
        
        Learn More
      - Chasing Services
        Chasing Services
        Eliminate manual work relating to third-party risk assessments by leveraging our in-house chasing agents to perform assessments on your behalf.
        
        Key Capabilities
        
        Risk assessments as a service
        
        Included at no additional cost
        
        Timely vendor responses
        
        Learn More
    - View All
  - OneTrust PreferenceChoiceConsent & Preference Software
    - Products
      - Cookie Compliance
        Cookie Compliance
        Scan your website(s) for tracker technologies; create and deploy a cookie banner and preference center to capture user consent.
        
        Key Capabilities
        
        Deep website scan technology
        
        Auto-categorization of cookies
        
        Banner and preference layouts
        
        Cookie auto-blocking technology
        
        Dynamic cookie policy updates
        
        Ongoing monitoring and reports
        
        Learn More
      - Mobile App Consent
        Mobile App Consent
        Scan mobile apps for tracking technologies and unknown SDKs for visibility into how the app is sharing data with third parties.
        
        Key Capabilities
        
        Third-party tracker and SDK scans
        
        Mobile consent collection
        
        User preference management
        
        Learn More
      - Preference Management
        Preference Management
        Build a dynamic preference center to give users more control over communication preferences and sync across marketing tools.
        
        Key Capabilities
        
        Customizable preference centers
        
        MarTech system integration
        
        Configurable branding options
        
        Learn More
      - Universal Consent
        Universal Consent
        Integrate seamlessly into existing consent collection workflows to capture and centrally store user consent records.
        
        Key Capabilities
        
        Consent lifecycle management
        
        MarTech system integrations
        
        Centralized user consent records
        
        Learn More
      - CMP for Publishers
        CMP for Publishers
        Support for IAB Europe TCF framework, DAA and dozens of other ad tech frameworks with solutions for publishers and advertisers.
        
        Key Capabilities
        
        Consent management provider (CMP)
        
        Publisher-specific consent
        
        Web, mobile and OTT support
        
        User consent record keeping
        
        Learn More
    - View All
  - OneTrust GRCIntegrated Risk Management
    - Products
      - IT & Security Risk Management
        IT & Security Risk Management
        Identify and respond to threats and collaborate across data, processes, risks and control owners, internally and across your extended enterprise.
        
        Key Capabilities
        
        Control implementation and testing
        
        Risk scoring methodologies
        
        Control libraries and frameworks
        
        Over 300 pre-built integrations
        
        Learn More
      - Vendor Risk Management
        Vendor Risk Management
        Manage risk across your extended enterprise and third-party relationships with a complete vendor inventory.
        
        Key Capabilities
        
        Third-party risk management
        
        Vendor risk assessments
        
        Contract management
        
        Learn More
      - Enterprise & Operational Risk
        Enterprise & Operational Risk
        Integrate risk across your business processes to gain real time insights, from digital to enterprise and operational risk.
        
        Key Capabilities
        
        Key risk indicators (KRI) highlights
        
        Multi-dimensional risk view
        
        Operational incident identification
        
        Learn More
      - Audit Management
        Audit Management
        Apply a risk-based approach to audits to recognize the scope of business practices and where proposed measures can be implemented.
        
        Key Capabilities
        
        Summarize and evidence findings
        
        Control strength and design testing
        
        Audit execution and response
        
        Learn More
      - Policy Management
        Policy Management
        Manage policies and corporate procedures in line with business objective and risk management initiatives.
        
        Key Capabilities
        
        Centralized policy register
        
        Link to compliance frameworks
        
        Document lifecycle workflows
        
        Learn More
      - Incident Management
        Incident Management
        Streamline breach investigation, improve incident visibility and strengthen issue management.
        
        Key Capabilities
        
        Data breach detection and response
        
        Self-service incident reporting
        
        Guided stakeholder workflows
        
        Learn More
    - View All
  - OneTrust DataGuidanceRegulatory Research Software
    - Products
      - Regulatory Research Portal
      - Maturity & Planning
        Maturity & Planning
        Assess the maturity of your privacy program using pre-built templates on a range of governance frameworks.
        
        Key Capabilities
        
        Program maturity level analysis
        
        Dynamic assessments
        
        Intelligent risk flagging
        
        Mitigation recommendations
        
        Executive and board reporting
        
        Learn More
      - Program Benchmarking
        Program Benchmarking
        Compare privacy program maturity against hundreds of companies based on size, region and industry.
        
        Key Capabilities
        
        Compliance-level benchmarking
        
        In-depth program comparisons
        
        Gap remediation planning
        
        Learn More
      - Awareness Training
        Awareness Training
        Train employees on privacy and security requirements through an interactive course library of over 30 topics.
        
        Key Capabilities
        
        Over 30 role-based modules
        
        Available in 30 languages
        
        Standalone or LMS integration
        
        SCORM-compliant courses
        
        Completion metrics reports
        
        Learn More
    - View All
  - OneTrust EthicsEthics & Compliance Software
    - Products
      - Whistleblowing Platform
        Whistleblowing Platform
        Empower whistleblowers to report incidents and efficiently manage the investigation workflow across your business.
        
        Key Capabilities
        
        Anonymous incident intake
        
        Case routing and triaging
        
        Configurable workflow builder
        
        Localization to 100 languages
        
        Robust reports and dashboards
        
        Learn More
      - Compliance Assessments
        Compliance Assessments
        Leverage flexible and pre-built risk methodologies and assessments to identify, track and mitigate risk.
        
        Key Capabilities
        
        Pre-built risk methodologies
        
        Assessment automation
        
        Risk mitigation workflows
        
        Learn More
    - View All
  - OneTrust Athena™ AIAI & Robotic Automation
    - Products
      - OneTrust Athena™ AI
        OneTrust Athena™ AI & Robotic Automation
        Athena is an AI bot that brings artificial intelligence, machine learning, predictive intelligence, and robotic process automation capabilities to the OneTrust platform
        
        Key Capabilities
        
        AI powered data discovery & classification
        
        Full process automation of privacy rights requests
        
        Real-time application of DataGuidance Intelligence
        
        Learn More
    - View All
  - OneTrust DataDiscoveryAI-Powered Discovery & Classification
    - Products
      - OneTrust DataDiscovery
        OneTrust DataDiscovery
        AI powered data discovery and classification to streamline the discovery process from initial discovery, classification and mapping, to fulfilling privacy rights requests and demonstrating compliance
        
        Key Capabilities
        
        Find data assets and identify systems
        
        Discover, categorize and classify data within identified systems
        
        Correlate data to personal identities
        
        Fulfill privacy rights requests for access, deletion and more
        
        Comply with global regulations, flag risk and demonstrate compliance
        
        Learn More
      - Data Discovery for Privacy
      - Data Discovery for Data Governance
      - Targeted Data Discovery™
    - View All
Solutions
Customers
Services
Request Demo
Free Trial

Rochester Regional Health

Rochester Regional Health

Fast Facts

Customer Name

Rochester Regional Health

Size

SME

Industry

Healthcare

Region

AMER

Key Regulations

HIPAA
HITRUST

Products

Vendor Risk Management

Rochester Regional Health Puts Patients First with OneTrust Vendorpedia

Rochester Regional Health is the leading provider of comprehensive care for the Greater Rochester New York community. The healthcare network is supported by over 18,000 employees, including five hospitals, all-inclusive care for elderly and home health programs, outpatient laboratories, rehabilitation programs, and surgical centers, as well as independent and assisted living centers.

Due to the sensitive protected health information (PHI) they handle, Rochester Regional Health must validate that their third parties are also properly handling this information with the same stringent security and privacy measures.

To simplify this process, Rochester Regional Health leveraged Gartner analyst firm to develop a rating scale and evaluated six technology solutions in the IT Vendor Risk Management Tools market. After extensive due diligence, the organization selected the OneTrust Vendorpedia third-party risk management software.

There was no comparison between our previous solution and Vendorpedia. Vendorpedia uses modern tools and techniques to deliver third-party risk management technology which is critical as we work to secure our patients’ PHI in the most streamlined and automated manner.

Marcelle Bicker

Senior Information Security Compliance Analyst

To read the full case study, visit Vendorpedia.com.