Privacy Assessment Templates for GDPR Compliance
Based on Deep Research and EU Regulator Guidance
The OneTrust comprehensive privacy management platform supports compliance with data privacy regulations - including the EU General Data Protection Regulation (GDPR). With the EU GDPR coming into effect on 25 May 2018, organisations must undergo significant operational reform with how they handle personal data of customers, employees, and vendors as well as implement thorough record keeping to demonstrate compliance.
OneTrust’s in-house privacy research team analysed and incorporated guidance and opinions from EU regulator-based sources to create a library of over thirty privacy assessment templates.
The set of templates includes a Privacy Impact Assessment Pre-Screen (PIA), a Data Protection Impact Assessment (DPIA) and a Records of Processing (Data Mapping) template based on extensive research and regulatory guidance issued by EU Data Protection Authorities (DPA), and the Article 29 Working Party (WP29).
OneTrust is a global leader and among the most widely used technology solutions to implement a GDPR-based privacy compliance program. The comprehensive OneTrust platform helps organizations track the full lifecycle of their personal data flows, analyse these data flows against global regulations to understand risks, communicate directly with customers, employees, and vendors to capture consent, handle privacy related requests, and respond appropriately in the event of an incident.
The multi-lingual software can be deployed in an EU cloud or on-premises, and is based on a combination of intelligent scanning, regulator guidance-based questionnaires, and automated workflows to automatically generate the record keeping required for an organization to demonstrate compliance to regulators and auditors.
OneTrust helps organizations implement the requirements of GDPR including data protection by design, data protection impact assessments (PIA / DPIA), vendor management, incident and breach management, records of processing (data mapping), consent management, ePrivacy cookie compliance, data subject access, portability, and right to be forgotten.