The process of creating, distributing and analyzing PIAs and DPIAs requires automation to efficiently achieve ‘privacy by design’ as an organizational reflex. OneTrust provides the content, guidance, workflows and integrations required to efficiently embed PIAs and DPIAs into your organizational processes.
Get assessments done faster with automated workflows, pre-built templates, a simple UI, and integration into existing productivity tools.
Combine human-driven assessments with automated data discovery to get a full picture of privacy risk and manage the workflows and controls to enforce mitigation of those risks.
Get real-time insights and analytics to demonstrate compliance to regulators and generate metrics to show the value of your program to boards and executives.
Get started by building, importing, or customizing your assessment templates. Choose from over 250 available templates, including privacy impact assessments (PIA), vendor risk assessments, subject rights requests, and data breach incidents. OneTrust enables customizations like incorporating business-friendly language and helpful tips. Our point-and-click UI makes building and customizing templates easy.
Whether an assessment is initiated by the privacy office or the project leader, define the end-to-end process from assignment to review and approval. Implement threshold assessments to determine if PIAs are necessary, and automatically escalate PIAs with high risk to DPIAs. Set even more specific conditions to automatically flag risks based on specific responses.
Start new projects and monitor the progress of existing projects from any device, through the responsive self-service portal. As an administrator, you can easily define the type of assessments available, including assignment rules and permissions. This enables business users to generate any type of assessment needed to keep projects moving smoothly or bring a new vendor on board.
Make collaboration with third parties easy by sharing privacy projects with users outside of your organization. Simply add an external user, assign them to a project, and set a date for when their access to the self-service portal will expire.
As PIAs are submitted to the privacy office, risks are automatically flagged and recommendations for remediation are provided. Risks are flagged using a configurable heatmap, which includes severity and likelihood. You can also manually flag risks and provide additional guidance on a project-by-project basis.
Gain full visibility of privacy projects across your organization to understand the sources of risk and measure the impact of your privacy program in mitigating these risks. Maintain a complete record of privacy program activities, which may be exported as a full report for any project conducted by the privacy team to speed up internal and external audits.
