OneTrust announces new innovations across the Trust Intelligence Platform to help organizations responsibly use data and drive trust intelligence at scale.
As companies tackle the challenges of data sprawl, OneTrust’s enhancements provide companies with the discovery, automation, and intelligence to manage data responsibly across the entire life cycle, enable regulatory agility, and implement privacy by design. New capabilities also help organizations gain better visibility into their third parties and streamline their compliance programs.
Most organizations already recognize the intrinsic value of being a trustworthy business, but research shows that the value of trust is measurable. According to IDC, “Prioritized investment in trust programs is significantly associated with improved business resilience, operational efficiency, and sustainability worldwide.” 1
“Companies want to unlock the value of trust, but they need the scalability and visibility of an integrated platform,” said Blake Brannon, Chief Product and Strategy Officer at OneTrust. “With these new capabilities, our customers have the foundation to build a resilient business and become good stewards of data – fostering trust with customers, employees, and stakeholders. Rather than reacting to constantly changing privacy, risk, and compliance requirements, we’re helping organizations differentiate with trust to drive their business forward.”
The Trust Intelligence Platform provides a single, comprehensive foundation to consolidate solutions across privacy, security, ethics, and ESG. Going beyond standalone tools and point solutions gives organizations the improved collaboration across departments and teams, centralized intelligence, and better decision-making capabilities to see the measurable benefits of trust.
Responsible use of data throughout the data life cycle
OneTrust continues to enhance its privacy management, data discovery and governance, and consent and preferences solutions to enable regulatory agility and responsible use of data across the entire life cycle:
AI-driven document classification for improved governance
Effective data governance requires full visibility into all the data in the organization and where it resides. Now, OneTrust Data Discovery is becoming more intelligent by using machine learning to identify documents with sensitive data, such as resumes, which can’t be detected through traditional pattern matching.
Powerful classification capabilities identify data by its content and structure, such as sensitive data within a resume, and automatically apply a retention or deletion policy. This context, intelligence, and automation means less manual work for privacy and security teams to protect and responsibly use data across the organization.
Streamlined Privacy by Design projects
OneTrust has added a new Projects inventory and Privacy by Design template to the assessment template library. This enables users to assess the privacy impact of internal and external products and embed privacy by design into the product or project life cycle. In combination with Data Mapping, this template can be used to associate risks with projects in the data inventory and create relationships across other inventory objects, including assets, vendors, processing activities, and risks. With heightened scrutiny on the development of AI, this new functionality can also help assess privacy risk against AI products and projects to drive responsible AI.
Enhanced cross-border data transfers
As organizations navigate the ever-changing compliance requirements for cross-border data transfers, OneTrust helps them more accurately and efficiently track, manage, and evaluate data transfers. Users can achieve visibility across the entire transfer life cycle thanks to an improved cross-border map to visualize transfers, a new data graph visualization, and the ability to directly assess transfer records for risk. This enables organizations to ensure the appropriate measures have been taken, such as delivering appropriate notice to consumers, conducting transfer impact assessments, and implementing safeguards.
Optimized consent management throughout the data life cycle
The OneTrust Consent & Preferences Platform has been enhanced to deliver the optimal user experience, effectively capture consent, and efficiently manage data at scale. Teams can now import historical data and capture new records of consent using forms or APIs, as well as integrate consent-based activation across various systems, such as Adobe Experience Platform (AEP) and Tealium. By serving as an organization’s central consent library, OneTrust delivers the enterprise-grade speed and scale needed to effectively manage all your data.
Manage risk and compliance at scale
The global regulatory and threat landscape changes each day, requiring organizations to understand and manage a multitude of new requirements and risks. OneTrust is also announcing several new innovations designed to scale security and compliance programs, manage regulatory and reputational risk, drive effective ethics and compliance programs, and foster organizational resiliency:
Expanded frameworks for Certification Automation
The fast-expanding compliance landscape means businesses must navigate a growing number of frameworks and requirements. OneTrust Certification Automation now offers 31 frameworks across privacy and security, including a new proprietary US State Privacy Legislations framework covering US state privacy acts:
- California (CCPA)
- California (CPRA)
- Virginia (VCDPA)
- Colorado (CPA)
- Utah (UCPA)
- Connecticut (CTDPA)
InfoSec coverage has also expanded to include:
- NERC CIP
- ISO 27017
- ISO 27018
- NIS 2
- Cyber Essentials (UK)
With the ability to automate evidence collection and test once, comply many, organizations can streamline their control and compliance efforts and realize efficiencies at scale.
Expanded intelligence data within the Third-Party Risk Exchange
Organizations need both recent and relevant risk data to accurately evaluate their third parties. Our OneTrust Third-Party Risk Exchange provides instant access to risk intelligence data from multiple data sources.
Supply Wisdom, for example, imports compliance, financial, operational, location-based ESG, and cyber risk data directly into the Third-Party Risk Exchange. Organizations can then use this data, along with granular information from SecurityScorecard, RiskRecon, DataGuidance, and ISS Corporate Solutions, to monitor third parties over time and trigger automated workflows any time a risk score changes. Armed with critical risk information on all third parties, organizations can build a seamless and scalable third-party management program.
Leverage HR data for workflows in OneTrust Disclosure Management
An employee's management hierarchy is often best positioned to manage disclosure and conflict of interest risks due to their understanding of the individual and job requirements. Implementing this manually can be time intensive and ineffective.
With OneTrust Disclosure Management, organizations can now use their HR data to intelligently route disclosures to different workflows and automate the assignment of approvers within those workflows. This ensures that disclosures are sent to the appropriate individuals at the appropriate time, delivering effective risk management and reducing the need for manual intervention.
Beneficial owner screening in Third-Party Due Diligence
Regulations such as the OFAC 50% rule require organizations to verify whether beneficial owners with 50% or greater individual or combined ownership are sanctioned when screening third parties.
The new Linked Entities functionality within the OneTrust Third-Party Due Diligence solution allows customers to add and screen beneficial owners against sanctions lists and adverse media concerns. Organizations now have the tools to meet regulatory expectations tied to beneficial ownership while protecting their brand against harmful third-party relationships.
Attend our upcoming webinar to hear more about the latest updates to the Trust Intelligence Platform.
