Get Started
Products
- The OneTrust Platform
  - OneTrust PrivacyPrivacy Management Software
    - Products
      - Assessment Automation
        Assessment Automation
        Operationalize your privacy program with automated PIAs and DPIAs to efficiently achieve privacy by design.
        
        Key Capabilities
        
        Assessment template library
        
        Seamless lifecycle integrations
        
        Gap analysis and remediation
        
        Centralized privacy dashboard
        
        Learn More
      - Data Mapping
        Data Mapping
        Visualized the entire data lifecycle across IT systems and processing activities to maintain an evergreen data inventory.
        
        Key Capabilities
        
        Data discovery and population
        
        Centralized data flow inventory
        
        Data visualization dashboards
        
        Evergreen data inventory
        
        Records of processing activities
        
        Learn More
      - Data Discovery
      - Privacy Rights (DSAR)
        Privacy Rights (DSAR)
        Automate privacy rights (DSAR) requests from intake to fulfillment
        
        Key Capabilities
        
        Customizable request intake form
        
        CCPA toll-free requirements
        
        User identity verification
        
        Data discovery and deletion
        
        Sub-task assignment workflows
        
        Secure communication portal
        
        Learn More
      - Data Redaction
        Data Redaction
        Automate the Redaction of Emails and Files in Response to Privacy Rights Requests, for litigation and other legal use cases, and for government requests like Freedom of Information Act (FOIA)
        
        Key Capabilities
        
        Automatically upload
        
        Classify and redact data
        
        Review redacted documents
        
        Learn More
      - Targeted Data Discovery™
        Targeted Data Discovery™
        Automate the manual tasks required to discover, delete, redact, opt out and process access, deletion or opt-out of sale requests.
        
        Key Capabilities
        
        Full process automation
        
        Pre-built system plugins
        
        Faster request fulfillment
        
        Automated workflow builder
        
        Learn More
      - CCPA Toll Free #
        CCPA Toll Free #
        Add a phone workflow into your consumer rights process to comply with the CCPA’s toll-free number requirement.
        
        Key Capabilities
        
        Customizable phone greeting
        
        Automated back-end workflows
        
        Consumer rights integration
        
        Learn More
      - Vendor Risk Management
        Vendor Risk Management
        Automate assessment workflows to streamline the third-party risk management lifecycle, from on-boarding to risk mitigation and off-boarding.
        
        Key Capabilities
        
        Vendor on-boarding automation
        
        Issue and exception management
        
        Audit-ready reports and dashboards
        
        360-degree vendor monitoring
        
        Learn More
      - Incident Management
        Incident Management
        Streamline the intake, investigation, and notification of privacy and security incidents and data breaches across your organization
        
        Key Capabilities
        
        Database of 300+ breach laws
        
        Streamline breach investigation
        
        Notification guidance built-in
        
        Risk tracking and mitigation
        
        Learn More
      - Policy & Notice Management
        Policy & Notice Management
        Simplify creating, updating and monitoring privacy policies and notices across websites and apps into one central platform.
        
        Key Capabilities
        
        Responsive policy builder
        
        Website and app integration
        
        Dynamic updates and versioning
        
        Learn More
      - DataGuidance Research
      - Awareness Training
        Awareness Training
        Train employees on privacy and security requirements through an interactive course library of over 30 topics.
        
        Key Capabilities
        
        Over 30 role-based modules
        
        Available in 30 languages
        
        Standalone or LMS integration
        
        SCORM-compliant courses
        
        Completion metrics reports
        
        Learn More
      - Maturity & Benchmarking
        Maturity & Benchmarking
        Assess the maturity of your privacy program using pre-built templates on a range of governance frameworks.
        
        Key Capabilities
        
        Program maturity level analysis
        
        Dynamic assessments
        
        Intelligent risk flagging
        
        Mitigation recommendations
        
        Executive and board reporting
        
        Learn More
    - View All
  - OneTrust PreferenceChoiceConsent & Preference Software
    - Products
      - Cookie Consent
        Cookie Consent
        Scan your website(s) for tracker technologies; create and deploy a cookie banner and preference center to capture user consent.
        
        Key Capabilities
        
        Deep website scan technology
        
        Auto-categorization of cookies
        
        Banner and preference layouts
        
        Cookie auto-blocking technology
        
        Dynamic cookie policy updates
        
        Ongoing monitoring and reports
        
        Learn More
      - Mobile App Consent
        Mobile App Consent
        Scan mobile apps for tracking technologies and unknown SDKs for visibility into how the app is sharing data with third parties.
        
        Key Capabilities
        
        Third-party tracker and SDK scans
        
        Mobile consent collection
        
        User preference management
        
        Learn More
      - Preference Management
        Preference Management
        Build a dynamic preference center to give users more control over communication preferences and sync across marketing tools.
        
        Key Capabilities
        
        Customizable preference centers
        
        MarTech system integration
        
        Configurable branding options
        
        Learn More
      - Universal Consent
        Universal Consent
        Integrate seamlessly into existing consent collection workflows to capture and centrally store user consent records.
        
        Key Capabilities
        
        Consent lifecycle management
        
        MarTech system integrations
        
        Centralized user consent records
        
        Learn More
      - CMP for Publishers
        CMP for Publishers
        Support for IAB Europe TCF framework, DAA and dozens of other ad tech frameworks with solutions for publishers and advertisers.
        
        Key Capabilities
        
        Consent management provider (CMP)
        
        Publisher-specific consent
        
        Web, mobile and OTT support
        
        User consent record keeping
        
        Learn More
      - OTT App Consent
      - Consent Rate Optimization
    - View All
  - OneTrust GRCIntegrated Risk Management
    - Products
      - IT & Security Risk Management
        IT & Security Risk Management
        Identify and respond to threats and collaborate across data, processes, risks and control owners, internally and across your extended enterprise.
        
        Key Capabilities
        
        Control implementation and testing
        
        Risk scoring methodologies
        
        Control libraries and frameworks
        
        Over 300 pre-built integrations
        
        Learn More
      - Asset & Data Discovery
      - Vendor Risk Management
        Vendor Risk Management
        Manage risk across your extended enterprise and third-party relationships with a complete vendor inventory.
        
        Key Capabilities
        
        Third-party risk management
        
        Vendor risk assessments
        
        Contract management
        
        Learn More
      - Enterprise & Operational Risk
        Enterprise & Operational Risk
        Integrate risk across your business processes to gain real time insights, from digital to enterprise and operational risk.
        
        Key Capabilities
        
        Key risk indicators (KRI) highlights
        
        Multi-dimensional risk view
        
        Operational incident identification
        
        Learn More
      - Audit Management
        Audit Management
        Apply a risk-based approach to audits to recognize the scope of business practices and where proposed measures can be implemented.
        
        Key Capabilities
        
        Summarize and evidence findings
        
        Control strength and design testing
        
        Audit execution and response
        
        Learn More
      - Policy Management
        Policy Management
        Manage policies and corporate procedures in line with business objective and risk management initiatives.
        
        Key Capabilities
        
        Centralized policy register
        
        Link to compliance frameworks
        
        Document lifecycle workflows
        
        Learn More
      - Incident Management
        Incident Management
        Streamline breach investigation, improve incident visibility and strengthen issue management.
        
        Key Capabilities
        
        Data breach detection and response
        
        Self-service incident reporting
        
        Guided stakeholder workflows
        
        Learn More
    - View All
  - OneTrust VendorpediaThird-Party Risk Exchange
    - Products
      - Third Party Risk Exchange
        Third Party Risk Exchange
        A community of pre-completed vendor risk assessments with detailed cybersecurity, privacy, and compliance due diligence data, updated daily
        
        Key Capabilities
        
        Thousands of vendor profiles
        
        Pre-completed assessments
        
        Service and product visibility
        
        Learn More
      - Assessment AutoComplete
        Assessment AutoComplete
        Automatically answer any incoming security, privacy, and due diligence questionnaires: manage all incoming requests for information, build an answer library, and securely share documentation
        
        Key Capabilities
        
        Vendor onboarding automation
        
        Issue and exception management
        
        Audit-ready reports and dashboards
        
        360-degree vendor monitoring
        
        Learn More
    - View All
  - OneTrust EthicsEthics & Compliance Software
    - Products
      - Whistleblower Hotline & Case Management
        Whistleblower Hotline & Case Management
        Empower whistleblowers to report incidents and efficiently manage the investigation workflow across your business.
        
        Key Capabilities
        
        Anonymous incident intake
        
        Case routing and triaging
        
        Configurable workflow builder
        
        Localization to 100 languages
        
        Robust reports and dashboards
        
        Learn More
      - Conflict of Interest & Disclosures
      - Code of Conduct & Policy Management
      - Data Ethics & Risk Management
        Data Ethics & Risk Management
        Leverage flexible and pre-built risk methodologies and assessments to identify, track and mitigate risk.
        
        Key Capabilities
        
        Pre-built risk methodologies
        
        Assessment automation
        
        Risk mitigation workflows
        
        Learn More
      - Third Party Due Diligence
      - Awareness Training
    - View All
  - OneTrust DataGovernanceData Governance Software
    - Products
      - Data Discovery
        Data Discovery
        AI powered data discovery and classification to streamline the discovery process from initial discovery, classification and mapping, to fulfilling privacy rights requests and demonstrating compliance
        
        Key Capabilities
        
        Find data assets and identify systems
        
        Discover, categorize and classify data within identified systems
        
        Correlate data to personal identities
        
        Fulfill privacy rights requests for access, deletion and more
        
        Comply with global regulations, flag risk and demonstrate compliance
        
        Learn More
      - Data Catalog
        Data Catalog
        Automated metadata management to organize, maintain and effectively use data to enable insights and analytics, drive business goals, and demonstrate compliance.
        
        Key Capabilities
        
        Discover and classify assets and metadata
        
        Dynamically populate data dictionary
        
        Document business terms and link to technical definitions
        
        Visualize data flows across systems
        
        Manage and monitor data use with policies and controls
        
        Search and filter data across the enterprise within a single metadata repository
        
        Data Catalog
      - Data Lineage
      - Policy Management
      - Retention Schedules
      - Data Retention & Deletion
      - Data Usage Provisioning
    - View All
  - OneTrust ESGEnvironmental, Social & Governance
Solutions
Customers
Services
Request Demo
Free Trial

Rochester Regional Health

Rochester Regional Health

Fast Facts

Customer Name

Rochester Regional Health

Size

SME

Industry

Healthcare

Region

AMER

Key Regulations

HIPAA
HITRUST

Products

Vendor Risk Management

Rochester Regional Health Puts Patients First with OneTrust Vendorpedia

Rochester Regional Health is the leading provider of comprehensive care for the Greater Rochester New York community. The healthcare network is supported by over 18,000 employees, including five hospitals, all-inclusive care for elderly and home health programs, outpatient laboratories, rehabilitation programs, and surgical centers, as well as independent and assisted living centers.

Due to the sensitive protected health information (PHI) they handle, Rochester Regional Health must validate that their third parties are also properly handling this information with the same stringent security and privacy measures.

To simplify this process, Rochester Regional Health leveraged Gartner analyst firm to develop a rating scale and evaluated six technology solutions in the IT Vendor Risk Management Tools market. After extensive due diligence, the organization selected the OneTrust Vendorpedia third-party risk management software.

There was no comparison between our previous solution and Vendorpedia. Vendorpedia uses modern tools and techniques to deliver third-party risk management technology which is critical as we work to secure our patients’ PHI in the most streamlined and automated manner.

Marcelle Bicker

Senior Information Security Compliance Analyst

To read the full case study, visit Vendorpedia.com.