PrivacyTECH: OneTrust releases OneTrust 4.0, its automated privacy management platform; enters into deal with Cloud Security Alliance

OneTrust announced on Monday new updates to its privacy management and marketing compliance software: OneTrust 4.0. In the largest update to the platform, OneTrust 4.0 will include features and improvements across the comprehensive suite of OneTrust products, and introduce two new modules to help manage incident and breach notifications and vendor risk.

Other updates include automated lineage visuals for data mapping, consent optimisation analytics, automated data subject request and a new myOneTrust customer portal.

More companies use OneTrust than any other dedicated privacy management technology to comply with the GDPR and other global privacy laws. OneTrust 4.0 delivers substantial functionality, user experience and ease of use updates for customers, including assessment automation that automatically link assessments to relevant data mapping assets, vendors or processing activities. To streamline the PIAs and DPIA process, teams can also work together more effectively via OneTrust with new collaboration features available in OneTrust 4.0. It also offers data mapping by extended linking capabilities and lineage visuals between inventories provide a more flexible solution to connect assets, vendors, processing activities and data elements. Customers can also utilise custom PDF configurations and generate customisable Article 30 reports.

Powered by the DataBreachpedia by OneTrust, the new incident module simplifies the process of capturing the appropriate details about an incident, integrating the knowledge from data inventories and mapping out the obligations an organisation has based on regulatory and local jurisdictional requirements for breach notification based on the scope of the incident.

The new solution also enables customers to streamline vendor risk and contract lifecycle workflows for GDPR and other global privacy law compliance. With myOneTrust, its customer-facing portal provides a central repository for all relevant product and legal resources, guidelines and templates.

Set to be available to customers this month, the new solution for automatically pre-populating data maps and fulfilling data subject access requests. In addition to OneTrust’s Targeted Data Discovery Solution, OneTrust also offers a comprehensive marketplace of third-party enterprise data discovery solutions. A comprehensive, single readiness assessment that combines hundreds different privacy regulations and frameworks to show customer’s a comprehensive view of their privacy programme readiness across the world’s various privacy laws and regulations.

OneTrust 4.0 also delivers improved navigation, app performance improvement, maintenance alerts and in-app banner alerts so customers are better informed about the new updates.

“OneTrust 4.0 is a major leap forward for our software and provides customers with the most advanced privacy management technology platform in the industry,” said Blake Brannon, VP Product, OneTrust. “With the industry’s largest research and development team dedicated to our product customer success, we are proud to continue to deliver to our customers the most comprehensive, research-based solutions in the market.”

OneTrust also partnered on Monday with the Cloud Security Alliance (CSA) to equip over 80,000 CSA members with the resources and tools needed for GDPR and global privacy law compliance. As a part of the partnership, OneTrust will offer CSA members a free Vendor Risk Assessment Online Platform with built-in CSA Consensus Assessment CAIQ, CSA Common Controls Matrix, and CSA GDPR code of conduct templates translated into a number of languages common in the European Union.

OneTrust is also a founding member of the recently-announced Cloud Security Alliance GDPR Centre of Excellence. The GDPR and other global privacy laws hold companies and their vendors jointly liable, resulting in an increased focus on vendors’ data protection and compliance policies.

OneTrust and CSA’s partnership will equip vendor members of the CSA with the tools and resources required to achieve and maintain GDPR compliance in three main ways – OneTrust will offer CSA members a free version of the OneTrust Vendor Risk Assessment module via an online platform. The SaaS edition of the OneTrust platform will provide vendor risk assessment automation capabilities using the CSA CAIQ framework, self-assessment and attestation capabilities using the CSA GDPR Code of Conduct, and built-in CSA Common Controls Matrix (CCM).

OneTrust will translate the CSA CAIQ, CCM, and GDPR code of conduct templates into a number of languages, including Danish, Dutch, French, German, Italian, Japanese, Portuguese, Romanian, Spanish, Swedish. These translated templates will better equip CSA members to operate in local markets.

OneTrust will serve as a founding member of the Cloud Security Alliance GDPR Centre of Excellence and on the advisory board, playing an active role in the CSA’s strategy in Europe and the roadmap of CSA’s GDPR capabilities.

CSA members will have access to the platform and translated templates roll out start this month.

“Our continued partnership with OneTrust will provide our members the tools and resources they need to maintain successful GDPR and privacy programmes,” said Jim Reavis, CEO, Cloud Security Alliance. “We’re excited to empower our members with their market-leading Vendor Risk Assessment module and give our members access to translated templates leveraging OneTrust’s in-house global privacy translations team. Together we are enabling cloud vendors to maintain compliance and be successful across GDPR and other global privacy laws.”

“We’re proud to build upon our partnership with the CSA and provide their members with new resources for successful privacy and security teams,” said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). “Together we can provide members and customers with the industry’s best in vendor risk management tools and templates for GDPR and global privacy law compliance.”


Leave a Reply

WWPI – Covering the best in IT since 1980