The US privacy landscape is a puzzle. CCPA, CPRA, UCPA, CPA... We're here to reduce the complexity. Stay compliant across regulations and build customer trust with the OneTrust Privacy and Data Governance Cloud.
Download our US privacy resource kit to access everything you need to get a handle on regulatory requirements or speak with one of our experts to find a solution.
Businesses at different stages of privacy maturity will need to approach US privacy compliance in different ways. Download the infographic to learn more.
Learn more about the three priorities for managing US privacy requirements, including addressing the most visible aspects of US privacy compliance.
Privacy notices are ubiquitous, however their required contents varies from jurisdiction to jurisdiction. Read this blog to learn what you need to include.
Privacy risk or data protection assessments (commonly known as PIAs) are now required under certain criteria for the processing of personal data in new state privacy laws across California, Virginia, Colorado, and Connecticut.
We help teams:
Embed privacy impact assessments into existing business systems to capture context from stakeholders at the right
Conduct threshold assessments to determine high risk processing and trigger DPAs when relevant
Demonstrate compliance with real-time regulatory intelligence, insights, and analytics
With the CPRA in effect, consumer rights have been extended to employees. Employee rights fulfillment poses unique challenges for organizations as employee data can be found across email, documents, and other unstructured data types.
We help teams:
Understand where employee data exists across structured and unstructured formats
Create employee privacy policies that reflect current processes
Automate employee rights requests
Orchestrate retention policies for employee and applicant data
The definitions of sensitive personal data and requirements for effectively governing personal and it vary across the various state privacy laws.
We help teams:
Identify processes involving sensitive personal information and categorize personal and sensitive personal data across the entire data landscape
Flag data policy violations and orchestrate remediation actions including access, masking, and deletion
Deliver dynamic web experiences that enable consumers to opt-in or opt-out of processing of their sensitive personal information
Existing and upcoming US privacy laws include requirements around the foundational privacy principles of minimization, purpose-limitation, and retention of personal data.
We help teams:
Research and define retention policies and apply those policies against your data assets
Discover retention policy violations and orchestrate remediation actions in source systems
Disclose retention periods within privacy notices at time of collection
Our obligations to our customers are our main priority and with OneTrust we not only demonstrate our commitment to their data protection and privacy, but confidently improve our privacy practices to support compliance for current and future regulations.
