Privacy Management
The Digital Markets Act is live: Now what?
The Digital Markets Act (DMA) went live on March 6, 2024. What does it mean for your organization? Read more to find out.
Param Gopalasamy
March 25, 20246 min read
Privacy Management
OneTrust powers privacy-first, personalized experiences with Adobe real-time customer data platform
Adobe and OneTrust have launched a partnership to bring privacy-first personalization at scale to businesses across all industries. Read our blog to learn more.
Param Gopalasamy
March 21, 20245 min read
Consent & Preferences
IAB TCF 2.2: What you need to know
IAB Europe updated their Transparency and Consent Framework to improve data privacy for users around how organizations collect and process data
Ryan Karlin
March 19, 20244 min read
Privacy Management
Executive Order on Sensitive Data: What does it mean?
Explore the impact of President Biden's Executive Order on your business's handling of sensitive data, from biometric to financial information.
Alexis Kateifides
March 14, 20245 min read
Privacy Management
Responsible use in the data lifecycle: Data collection
When building customer trust, handling personal data responsibly must be considered throughout the data lifecycle. At the point of collection this means placing transparency and choice at the forefront. Read part one of this blog series to learn more.
Robb Taylor-Hisco*ck
March 14, 20247 min read
Privacy Management
New Hampshire becomes latest state to pass a comprehensive privacy act in 2024
Following signature from the Governor of New Hampshire, Senate Bill 255 has passed into law; effective January 1, 2025
Alexis Kateifides
March 07, 20245 min read
Technology Risk & Compliance
Applying NIST CSF 2.0: Risk management vs. maturity assessments
Determine the best way to apply the NIST Cybersecurity Framework in your organization to help manage cyber risks and threats.
Katrina Dalao
March 06, 20244 min read
AI Governance
Utah passes AI bill
Learn more about the Utah AI bill and where it sits in the regulation landscape.
Lauren Diethelm
March 05, 20243 min read
GRC & Security Assurance
7 myths about SOC 2 compliance
Understand what your company needs to achieve SOC 2 compliance and protect customer data. Read more about the seven myths about SOC 2 compliance.
Katrina Dalao
February 27, 20244 min read
AI Governance
6 takeaways from recent FTC rulings and what they mean for your AI governance program
Lauren Diethelm
February 21, 20244 min read
Ethics Program Management
Should your code of conduct be public-facing?
While it may sound counterintuitive, making a company code of conduct public-facing has many benefits. See the business case for doing so.
Noshin Khan
February 20, 20246 min read
Responsible AI
The importance of responsible AI use in data discovery
Learn more about the challenges AI usage presents to your data discovery process and how you can address them.
February 14, 20246 min read
Responsible AI
Biden-Harris administration announces first consortium dedicated to AI safety
Learn more about the AI safety consortium set forth by the Biden-Harris administration
Lauren Diethelm
February 13, 20242 min read
Third-Party Risk
Third-Party AI Risk: A Holistic Approach to Vendor Assessment
Assessing third-party risk for AI vendors is critical to AI governance, but you don’t have to start your assessment process from scratch. Learn more about taking a holistic approach to vendor assessments for AI.
Marco Barone
February 06, 20244 min read
Privacy Management
Take your privacy program from a compliance initiative to a customer trust imperative
The OneTrust Data Privacy Maturity Model defines four clear stages of program maturity that will help you to go beyond compliance and start building customer trust
Ojas Rege
February 05, 20246 min read
Ethics Program Management
How does silo mentality impact organizational culture and risk?
Is your organization more siloed than you’d like it to be? Learn the pitfalls of teams working in isolation and how to overcome collaboration barriers.
Noshin Khan
February 01, 20245 min read
Privacy & Data Governance
Your guide to celebrating Data Privacy Day
Each year, Data Privacy Day represents a moment for organizations and individuals to educate themselves and those around them about privacy. This is your guide to celebrate it.
Robb Taylor-Hisco*ck
January 24, 20246 min read
Privacy & Data Governance
OneTrust and Snowflake Horizon: Integrated solutions for data access and governance
Ensuring the right people have the right access bolsters security for all.
Jason Koestenblatt
January 24, 20243 min read
Technology Risk & Compliance
Are you ready for PCI DSS v4.0? Countdown to compliance
Make sure your organization is ready for PCI DSS v4.0 with these simple action steps that help fast-track the path to compliance.
January 23, 20247 min read
Consent & Preferences
What you need to know about Google's third-party cookie deprecation
No more cookies? Oh wait, no - it’s no more third-party cookies. What’s that all about? Learn more about what Google’s latest decision means for you.
Param Gopalasamy
January 22, 20245 min read
Privacy Management
New Jersey passes comprehensive privacy law
On January 16th, New Jersey signed their privacy bill into law, marking the first state to pass a comprehensive privacy law in 2024. Learn more about what this means for your organization and how you can comply.
Alexis Kateifides
January 18, 20245 min read
Third-Party Due Diligence
What is the DOJ’s Safe Harbor Policy?
The DOJ announced the Safe Harbor Policy in October 2023. What does the policy mean for companies and compliance teams undergoing a merger or acquisition?
Hannah Middleton
January 16, 20243 min read
Data Discovery & Classification
Modern-day manufacturing: A process built on data governance
Learn how data governance in manufacturing helps establish best practices for managing data across your supply chain, from initial order placement to final delivery.
Katrina Dalao
January 09, 20248 min read
Consent & Preferences
The ultimate guide to consent and preferences in the healthcare sector
Consent management in the healthcare sector is more important than ever, with sensitive personal data from patients at stake. Learn how your organization can build patient trust through consent and preferences.
Param Gopalasamy
December 28, 202313 min read
Consent & Preferences
Unify consented data to power your tech stack
What does a consent management system do for your tech stack? And why is it necessary? Read the blog to learn more.
December 27, 20237 min read
Consent & Preferences
The ICO's stance on user privacy and website compliance
The UK’s ICO recently announced that enforcement actions will be coming soon for large websites that aren’t adhering to their consent guidelines. What does this mean for your business?
Param Gopalasamy
December 14, 20235 min read
Trust Intelligence
Trending Toward Trust in 2024: Measurement, management, and maturity
Explore 'Trending Toward Trust in 2024', OneTrust's latest report, offering key insights into measurement, management, and maturity of organizational trust.
Robb Taylor-Hisco*ck
December 11, 20234 min read
Technology Risk & Compliance
OneTrust prioritizes innovation to make trust a differentiator
Forrester recognizes OneTrust is on the path to become a holistic GRC solution.
December 11, 20233 min read
Consent & Preferences
How OneTrust integrates with Google Consent Mode
Now with OneTrust's integration of Google Consent Mode, OneTrust facilitates important implementation steps for easier setup.
Ashlea Cartee, Product Marketing Manager, Consent & Preferences, OneTrust
December 07, 20233 min read
Responsible AI
Where does AI fit in the security team’s processes?
Learn about the new tools that are transforming the security landscape and enabling ways to safeguard against evolving threats.
Tim Mullen and Julian Head
December 06, 20236 min read
Data Discovery & Security
Collibra + OneTrust: Better together | Blog | OneTrust
Learn how OneTrust's collaboration with OneTrust can expand trust and compliance across your entire data landscape.
Ojas Rege
December 05, 20232 min read
Data Discovery & Security
Data governance in retail: Protecting privacy while driving profits
Learn how to build a data governance program that protects and secures your retail company and builds customer loyalty in the long run.
Katrina Dalao
December 05, 20236 min read
AI Governance
Establishing an AI governance committee: An inside look at OneTrust’s process
Diverse AI governance committees are key to helping organizations mitigate risk and use AI responsibly. Learn more about what goes into establishing an AI governance committee.
Adomas Siudika
November 30, 20237 min read
AI Governance
Understanding the EU AI Act’s risk levels
The draft EU AI Act lays out four risk categories for the use of AI systems. Learn more about each of these categories, and how they might impact the use of AI in your business.
Laurence McNally
November 30, 20235 min read
Internal Audit Management
SOC 2 compliance checklist: 8 steps to prepare your organization
Find the right SOC 2 compliance software that provides the features that best serve your business.
November 28, 20237 min read
Responsible AI
UK AI Bill introduced in House of Lords
On November 23, 2023, UK Parliament introduced the Artificial Intelligence (Regulation) Bill to the House of Lords. Read on to learn more.
Robb Hisco*ck
November 27, 20234 min read
Responsible AI
What you need to know about conformity assessments under the EU AI Act
Providers of high-risk AI systems have to meet Conformity Assessment requirements under the EU AI Act before their system can be put on the market. Read the blog to learn more.
Lauren Diethelm
November 20, 20234 min read
Third-Party Due Diligence
Compliance check: The art of enhanced due diligence for third parties
Learn how to applyenhanced due diligenceto third parties when thorough scrutiny is needed to preserve your company’s values and ensure compliance with laws and regulations.
Jisha Dymond
November 16, 20235 min read
AI Governance
What is an AI inventory, and why do you need one?
When starting an AI governance program, one of the first and most important steps is setting up an AI inventory. Learn more about why inventories matter, and how you can create one.
Bex Evans
November 15, 20233 min read
ESG Program Management
Understanding new SEC ESG disclosure requirements
The SEC ESG disclosures ensure that financial institutions in the US report on the environmental impact of their investments. Read the blog to learn more.
Param Gopalasamy
November 14, 20235 min read
ESG Program Management
Getting to know the Task Force on Climate-related Financial Disclosures (TCFD)
A primer on the TCFD framework—what it is, why it matters, and how it’s being adopted around the world
Param Gopalasamy
November 13, 20235 min read
AI Governance
Navigating the EU AI Act
Parliament has endorsed the EU AI Act, setting the standard for safeguarding fundamental human rights while still protecting human rights. Learn more about the details of the EU AI Act and how it impacts your business.
Param Gopalasamy
November 13, 202313 min read
Consent & Preferences
A new era of behavioral advertising?
With recent enforcement decisions from authoritative bodies in Europe, organizations need to take a look at how they view consent for behavioral advertising.
Param Gopalasamy
November 08, 20234 min read
Third-Party Risk
Are your third parties a privacy compliance liability?
What role do third parties play in your privacy compliance efforts? Learn how the two functions overlap and ways to keep data secure across your supply chain.
Katrina Dalao
November 07, 202310 min read
AI Governance
What you need to know about… Generative AI
Ever heard of generative AI? Of course you have. We all have. The next time it comes up in conversation, this blog will help you appear intelligible on the topic. You’re welcome.
Param Gopalasamy
November 03, 202310 min read
Privacy Management
What the G7 Code of Conduct means for your business
Recognizing the immense impact of AI, the G7’s Code is the latest in a series of recent and upcoming developments concerning guidance around AI.
Param Gopalasamy
October 31, 20234 min read
Data Discovery & Security
Data is the new currency: How to protect financial services information
The heavily-regulated financial services industry requires a thoughtful process for governing data.
Jason Koestenblatt
October 13, 20235 min read
Third-Party Risk
Trust talks: Actioning trust-based cybersecurity from individual to enterprise
Security teams can help create and champion organizational trust despite interdepartmental silos
Jason Koestenblatt
October 09, 20234 min read
GRC & Security Assurance
Digital transformation and the evolving cybersecurity landscape
As the technological landscape continues to evolve, teams are seeing increases in compliance obligations, regulations, and the proliferation of cloud technology.
Scott Solomon
October 09, 20233 min read
Data Discovery & Security
Data governance principles: 4 best practices
Discovery and classification are necessary in data governance, but clarity and accountability are at the root of collaboration
Sam Curcuruto
October 05, 20233 min read
GRC & Security Assurance
Cybersecurity Awareness Month resource hub
The cybersecurity awareness hub pulls resources from our experts on the Security CoE, GRC, Privacy, DataGuidance, and TPRM teams to a central resource.
Jason Koestenblatt, Team Lead, Content Marketing
October 02, 20233 min read
GRC & Security Assurance
October is Cybersecurity Awareness Month. So, what?
The Cybersecurity and Infrastructure Security Agency’s (CISA) created cybersecurity awareness month with the intent to educate and promote online safety.
Scott Solomon
October 02, 20233 min read
Data Discovery & Security
Data governance builds trust, drives positive healthcare outcomes
Discovering and governing sensitive healthcare data helps professionals focus on treatment.
Sam Curcuruto
September 26, 20234 min read
Privacy Management
What the new UK-US Data Bridge means for your organization
Businesses in the UK can now transfer personal data to DPF certified US-based organizations
Marco Barone
September 25, 20236 min read
Privacy Management
Exploring the ROI of your privacy program
Learn how investing in a privacy program can have a major impact on your organization's ROI.
Bex Evans
September 20, 202311 min read
GRC & Security Assurance
Collect once, comply many: Scale your resources and optimize compliance
Create efficiencies and increase visibility by scoping, monitoring, and communicating your compliance posture.
Riyaz Habibbhai
September 18, 20235 min read
AI Governance
Embracing responsible AI: Presenting OneTrust AI Governance
Explore how OneTrust AI Governance addresses the growing challenges of AI governance, ensuring visibility, lifecycle management, and risk mitigation in an ever-evolving landscape.
Riyaz Habibbhai
September 18, 20233 min read
GRC & Security Assurance
Making enterprise risk manageable for the CISO
Created internally or externally, organizations are handling tons of data — all of which can impact your risk posture. Learn more about empowering the business with enterprise risk management.
Riyaz Habibbhai
September 18, 20233 min read
Data Discovery & Classification
How to better govern your unstructured data
Learn how data governance can help protect your customers' sensitive data as well as meet the legal and security challenges posed by unstructured data.
Jason Koestenblatt
September 13, 20235 min read
Data Discovery & Security
What is data governance?
Learn how to build an effective data governance program and the tools you need to unlock the value of your data.
Jason Koestenblatt
September 06, 20235 min read
Consent & Preferences
OneTrust integrates with Salesforce to enable trusted data use
Marketers are data-driven and need to capture and process data through different systems, including Salesforce Marketing Cloud and Sales Cloud.
Ashlea Cartee
September 06, 20233 min read
Consent & Preferences
OneTrust and Snowflake: Manage consent and enable effective data governance
Enabling data teams to better understand where sensitive data lives in the Data Cloud, use data responsibly, and ensure proper consent is granted for personal data access and use
Param Gopalasamy
August 31, 20235 min read
Speak-Up Program Management
What you need to know about… whistleblowers (and UFOs)
Learn what it means to be a whistleblower and about the global regulations designed to protect them.
Param Gopalasamy
August 22, 20237 min read
Consent & Preferences
Navigating TCF 2.2 and Google’s consent management platform requirements
Learn how TCF 2.2 affects Google's consent management platform's (CMP) requirements and what you need to know to achieve compliance.
August 11, 20236 min read
Privacy Management
India passes Digital Personal Data Protection Bill
On August 9, 2023, the Digital Personal Data Protection Bill was passed through the Upper House of Parliament in India. Here’s what you need to know about the Bill.
Robb Hisco*ck
August 11, 20236 min read
Internal Audit Management
What is NIST CSF? Everything you need to know
Learn about the NIST CSF and explore how this cybersecurity framework may benefit your organization.
Katrina Dalao
August 10, 20237 min read
Internal Audit Management
What’s the difference between NIST 800-53 vs. NIST 800-171?
Understand which cybersecurity framework applies to your organization
Katrina Dalao
August 08, 20239 min read
ESG Program Management
What is the EU Digital Rights and Principles Directive?
Learn the key points of the EU Digital Rights and Principles Directive and what best practices to consider when achieving compliance.
Param Gopalasamy
August 04, 20235 min read
Internal Audit Management
PCI DSS 4.0: Your questions answered
Prepare your organization for PCI DSS 4.0 with these resources from audit and security professionals.
August 02, 20238 min read
ESG Program Management
What is the EU Due Diligence Act?
Learn how this directive aims to make EU corporations accountable for their environmental and social impact
Param Gopalasamy
August 02, 20235 min read
Privacy Management
A guide to Privacy by Design
The concept of Privacy by Design should be familiar to most privacy professionals but understanding how to implement it can be a different story.
Robb Hisco*ck
August 02, 20236 min read
Trust Transformation
Does your organization need a Trust Office?
Instead of ‘business as usual,’ organizations should focus on building trustworthy products through processes and people
Andrew Clearwater
July 25, 20236 min read
Trust Transformation
TrustWeek 2023: Agenda now live
The ultimate conference for privacy, security, marketing, ethics, and ESG professionals comes to life with sessions on AI, IT risk, third party management, and more
July 19, 20235 min read
AI Governance
Approaching the OECD Framework for the Classification of AI Systems
Artificial Intelligence has the power to unlock benefits for businesses and society. However, it also poses significant risks that can be managed through frameworks such as the OECD’s.
Bex Evans
July 13, 20239 min read
Consent & Preferences
The ultimate guide to first-party data
Learn the best way to connect with your customers by building a first-party data marketing strategy.
Param Gopalasamy
July 13, 202318 min read
Privacy Management
Delaware becomes twelfth state to pass comprehensive privacy act
The Delaware Personal Data Protection Act is set to become the twelfth privacy act in the US introducing a range of obligations on businesses that operate in the state.
Robb Hisco*ck
July 12, 20236 min read
Privacy & Data Governance
EU-US Data Privacy Framework: A brief history
The EU-US DPF is the latest chapter in a story that has been ongoing for over two decades, but how did we get here?
Robb Hisco*ck
July 12, 20235 min read
Third-Party Risk
How to start a third-party risk management program: Implement effective processes across your organization
Learn how to implement an effective third-party risk management program that meets your organization's needs.
Katrina Dalao
July 11, 20235 min read
Third-Party Risk
How to start a third-party risk management program: Monitor and maintain performance
How to start a third-party risk management program: Monitor and maintain performance
Katrina Dalao
July 11, 20235 min read
Third-Party Risk
How to start a third-party risk management program: Get leadership buy-in
Create a TPRM program that addresses your organization’s highest security risks and aligns with strategic objectives
Katrina Dalao
July 11, 20235 min read
Internal Audit Management
What's new in PCI DSS v4.0: How to prepare your organization
Keep your account data safe with the latest payment security standard
Katrina Dalao
July 10, 20237 min read
Privacy Management
European Commission adopts adequacy decision for EU-US Data Privacy Framework
On July 10, 2023, the European Commission adopted its adequacy decision on the EU-US Data Privacy Framework restoring an important data transfer mechanism between the EU and US.
Robb Hisco*ck
July 10, 20237 min read
Privacy Management
US privacy law: When to conduct a Privacy Impact Assessment and what to include
Privacy Impact Assessments are commonplace among most modern privacy laws but understanding your requirements in a patchwork of US state privacy can be challenging.
Robb Hisco*ck
July 05, 20239 min read
Consent & Preferences
What you need to know about... Data protection in a Black Mirror world
Unraveling Black Mirror's privacy snafus: When science fiction meets reality, but forgets to do its privacy law homework
Param Gopalasamy
June 30, 202315 min read
Third-Party Risk
How to start a third-party risk management program: Understand the types of third-party risks
Learn about the different types of third-party risks and how to address each one
Katrina Dalao
June 29, 20236 min read
Privacy Management
Oregon passes comprehensive privacy bill. Awaits Governor’s signature
Oregon becomes the 11th state to pass comprehensive privacy law that becomes effective on July 1, 2024
Robb Hisco*ck
June 28, 20236 min read
Privacy Management
Quebec’s Law 25: What is it and what do you need to know?
Privacy in Quebec has undergone a significant overhaul under Law 25 (previously known as Bill 64). The province will see several new requirements becoming effective in September 2023.
Robb Hisco*ck
June 27, 20236 min read
Third-Party Due Diligence
The global regulations driving third-party due diligence
We cover the key regulations to know for managing third-party risk
Kelly Maxwell
June 21, 20236 min read
Privacy Management
Preparing for new privacy legislation in Canada – Part three
Bill C-27 will introduce the Artificial Intelligence and Data Act to help regulate the responsible use and development of AI in Canada.
Neil Saddington
June 20, 20235 min read
Data Discovery & Classification
Shifting left: Classifying and managing data sprawl at collection
Learn how to effectively discover and classify data by staring near the point of data collection to avoid data sprawl and inaccuracies.
June 15, 20232 min read
What is a PCI DSS self-assessment questionnaire?
Self-assessment questionnaires help evaluate and prove PCI DSS compliance. Find out which SAQ is right for your organization
Katrina Dalao
June 15, 20235 min read
Internal Audit Management
What is PCI DSS?
Learn the basics about PCI DSS, how it applies to your organization, and what you need to prove compliance.
Katrina Dalao
June 14, 20237 min read
Data Discovery & Classification
Discover and connect to all your data in any environment
OneTrust Data Discovery has mass coverage with 200 pre-built connectors, and an open SDK for custom data sources
Sam Curcuruto
June 08, 20232 min read
Privacy & Data Governance
Preparing for new privacy legislation in Canada: Part two
Bill C-27 is set to overhaul privacy law in Canada. Part 2 of the bill proposes a substantial transformation in the enforcement of the CPPA through a new organization.
Neil Saddington
June 06, 20235 min read
Consent & Preferences
What you need to know about first-party data
We cover the basics of first-party data and why it's so important in the digital age.
Param Gopalasamy
June 06, 20234 min read
Data Discovery & Classification
How does Microsoft 365 integrate with OneTrust Data Discovery?
Learn how OneTrust Data Discovery integrates with Microsoft 365 to build an all-encompassing, centralized data catalog out of your unstructured data.
Sam Curcuruto
June 02, 20233 min read
Third-Party Risk
HackNotice and OneTrust partner for deeper third-party threat intelligence
OneTrust customers can take advantage of HackNotice’s near real-time breach alerts.
June 01, 20233 min read
Privacy Management
Assessing your international data transfers post-DPC ruling
The recent decision cast fresh doubt over the effectiveness of transfer safeguards and supplementary measures in conjunction with the practical application of third-country surveillance laws.
Linda Thielova
June 01, 20238 min read
Privacy Management
Florida looks to pass Digital Bill of Rights
The bill now awaits the Governor’s signature, which would allow consumers more visibility into their data that’s been collected by businesses
Alexis Kateifides
May 31, 20235 min read
Privacy & Data Governance
Google Play Store data requirements (and how to handle them)
The latest updates on Google Play Store app requirements, as well as how OneTrust Mobile App Consent can help your organization stay compliant
Ashlea Cartee
May 31, 20237 min read
Privacy Management
Data Privacy and Security Act passed in Texas
The Texas Data Privacy and Security Act will become the fifth piece of US privacy legislation to pass this year and, once signed, will become effective on July 1, 2024.
Robb Hisco*ck
May 31, 20236 min read
Privacy Management
3 priorities for the French DPO: Priority 3 – automate
Automation is key to freeing up valuable time and resources that can then be dedicated to other areas of your compliance program.
Robb Hisco*ck
May 30, 20236 min read
Data Discovery & Classification
How a data discovery solution keeps your organization secure
Finding and classifying data is just the first step in your discovery and security process
Jason Koestenblatt
May 25, 20235 min read
Data Discovery & Security
ROT data is a security issue: How are you handling it?
Automating data discovery is the first step in classifying obsolete digital information
Sam Curcuruto
May 23, 20233 min read
Privacy Management
Reflecting on 5 years of the GDPR
Look back on five years of the EU’s General Data Protection Regulation with expert views infographics, eBooks, and more
Robb Hisco*ck
May 23, 20235 min read
Consent & Preferences
First party data 101: What your marketing team needs to know
Read more to answer frequently asked questions around first-party data and how your organization can take advantage of it
Ashlea Cartee
May 23, 20236 min read
Data Discovery & Classification
Data discovery helps governance teams stay secure
Data governance is needed for organizations to meet compliance requirements
Sam Curcuruto
May 18, 20233 min read
Data Discovery & Classification
Why is data minimization important for your security teams?
Unused digital information is an easy target for hackers, increasing your organization’s risk
May 16, 20232 min read
Responsible AI
Embracing responsible AI: 3 steps to get your organization started
With the latest statement from the White House on responsible AI, it’s clear AI is firmly in the spotlight. Find out how your organization can establish a foundation to address AI risks.
Alexis Kateifides
May 16, 20234 min read
Consent & Preferences
What the latest Google CMP requirements mean for your organization
Google announced their latest requirements around consent management platforms for organizations that utilize their network for ads
Ryan Karlin
May 16, 20233 min read
Responsible AI
Top 10 AI governance essentials every CPO needs to know in 2023
Learn how to integrate AI governance into your product strategies to achieve responsible AI use
Linda Thielova
May 15, 20235 min read
Privacy & Data Governance
OneTrust unveils latest platform innovations to drive responsible data use and business resilience
Enhancements to our Trust Intelligence Platform help organizations unlock the value of trust
OneTrust Editorial Team
May 12, 2023
Ethics & Compliance
‘Culture of compliance’ behind DOJ’s voluntary self-disclosure updates
Is your compliance program ready to do the right thing and step up and own up to misconduct?
Jisha Dymond
May 12, 20238 min read
GRC & Security Assurance
Data retention policies should be automated to reduce risk
Tooling can create benefits for the organization while staying compliant with regulations
Jason Koestenblatt
May 11, 20234 min read
Ethics Program Management
Building a strategic framework for policy governance
Learn how a "policy on policies" can help create a framework for effective ethics policy governance and risk management.
Gbemi Yusuff
May 10, 20236 min read
Privacy Management
A privacy professional's guide to navigating responsible AI adoption
Learn how privacy professionals can guide their organizations towards responsible AI adoption by developing a comprehensive AI strategy that integrates privacy considerations, fostering a privacy-focused culture around AI decision-making, and navigating the risks of AI.
May 09, 20236 min read
Internal Audit Management
How to reduce audit fatigue: 5 remedies for InfoSec pros
How do you alleviate audit fatigue in your InfoSec team? Here are 5 practical remedies to reduce the stress and workload of frequent security audits
Katrina Dalao
May 08, 20238 min read
Data Discovery & Classification
How automation helps reduce your sensitive data footprint
Establish data retention and minimization policies to reduce your organization’s attack surface
Sam Curcuruto
May 05, 20234 min read
Privacy Management
Navigating the NIST AI Risk Management Framework with confidence
The NIST AI Risk Management Framework can help your organization to manage the risks associated with AI. Read the blog to learn how.
Laurence McNally
May 05, 20235 min read
Data Discovery & Classification
Expanding our data discovery leadership with machine learning classification tools
Learn how OneTrust Data Discovery uses AI, machine learning, and privacy by design to ensure responsible and compliant data governance.
Sam Curcuruto
May 04, 20233 min read
Privacy & Data Governance
Indiana set to become the 7th state to pass a comprehensive privacy law
The Indiana Consumer Data Protection Act will be set to take effect in 2026.
Alexis Kateifides
May 04, 20233 min read
Internal Audit Management
What is information security compliance?
What is InfoSec compliance? Learn why compliance is essential for your organization and how it safeguards against cyberthreats.
Katrina Dalao
May 04, 20237 min read
Privacy Management
Making privacy and trust a strategic imperative
Privacy has evolved beyond compliance. See what Forrester analyst Enza Iannopollo had to say about making privacy and trust a strategic imperative
Robb Hisco*ck, featuring Enza Iannopollo
May 03, 20237 min read
Privacy Management
Tennessee passes Information Protection Act
Discover the impact of the Tennessee Information Protection Act (TIPA), passed on April 21, 2023, as it reshapes the US privacy landscape with new requirements for businesses, including risk assessments, data minimization, and opt-in consent for processing sensitive information, effective July 1, 2025.
Robb Hisco*ck
April 26, 20235 min read
ESG Program Management
What is the EU Carbon Border Adjustment Mechanism (CBAM)?
Learn how your organization can prepare for new regulations around carbon emissions in imported goods
Chris Fenwick
April 25, 20234 min read
Consent & Preferences
OneTrust Consent and Preferences now integrates with Tealium IQ
Tealium IQ launched Consent Integrations for their tag management system, enabling seamless privacy-first marketing campaigns
Ashlea Cartee
April 21, 20233 min read
Data Discovery & Security
Preparing for new privacy legislation in Canada: Part one
How Canadian companies should respond to the new Consumer Privacy Protection Act (Bill C-27).
Neil Saddington
April 20, 20235 min read
Privacy & Data Governance
Vietnam publishes long-awaited Personal Data Protection Decree
Vietnam has finally published its Personal Data Protection Decree (PDPD). We cover its key points and how business can prepare for compliance.
Robb Hisco*ck
April 19, 20238 min read
Third-Party Due Diligence
OneTrust partners with Dow Jones Risk & Compliance for data-driven third-party due diligence
Today, we’re excited to announce the partnership between Dow Jones Risk & Compliance and OneTrust Third-Party Due Diligence.
Kelly Maxwell
April 18, 20236 min read
Data Discovery & Classification
5 ways to harness data classification to mitigate data sprawl
We explore the issue of data sprawl and how data classification automation tools can help mitigate it.
Bex Evans
April 18, 20236 min read
Privacy & Data Governance
Washington state passes My Health My Data Act
The My Health My Data Act provides stronger privacy protections for consumers in relation to their personal health data.
Alexis Kateifides
April 14, 20239 min read
Consent & Preferences
OneTrust + Adobe = Automated consent orchestration
OneTrust Consent and Preferences integrates with Adobe Experience Platform so businesses can provide personalized experiences and comply with regulations.
Alex Cash
March 20, 20233 min read
Privacy & Data Governance
Making it easier to responsibly use data with new data discovery capabilities
OneTrust's data discovery capabilities make it easier for businesses to understand and use data responsibly by connecting and classifying existing data.
Ojas Rege
March 20, 20234 min read
Privacy & Data Governance
Governor signs comprehensive privacy bill in Iowa
Governor Reynolds of Iowa signed SF262, An Act Relating To Consumer Data Protection offering a more business-friendly approach to privacy.
Robb Hisco*ck, Content Marketing Specialist, CIPP/E, CIPM, OneTrust
March 17, 20235 min read
Data Discovery & Classification
What is data discovery?
Businesses are dealing with unprecedented amounts of digital information that needs to be monitored, managed, and secured.
Jason Koestenblatt, Team Lead, Content Marketing, OneTrust
March 10, 20238 min read
Consent & Preferences
The ROI of purpose-based consent and preference management
Learn how consent management is essential to build trust and delivering personalized customer experiences by collecting and using data responsibly.
Ashlea Cartee, Senior Product Marketing Manager, OneTrust
March 10, 20237 min read
Third-Party Risk
How to manage third-party risk across your entire business
Businesses need a comprehensive third-party management strategy covering all aspects of their relationships with third parties, such as security, privacy, ethics, and ESG.
March 08, 20237 min read
Privacy & Data Governance
UK Data Protection and Digital Information Bill re-introduced to Parliament
The UK Data Protection and Digital Information Bill aims to reduce the administrative burden on businesses, promote international trade and reduce consent notices.
Robb Hisco*ck
March 08, 20235 min read
ESG & Sustainability
The ultimate guide to board diversity and skills requirements
ESG governance is becoming increasingly important as companies face pressure from stakeholders to address environmental, social, and governance issues.
Chris Fenwick
March 08, 202323 min read
Third-Party Risk
Why data privacy and third-party risk teams need to work together
Sharing information and resources across organizational silos is mutually beneficial for teams with the common goal of mitigating data privacy risk.
Scott Solomon
March 07, 20236 min read
GRC & Security Assurance
How to manage privacy and security compliance? 6 questions with GRC experts
Our GRC experts discuss how privacy and security compliance are evolving to meet modern market demands and ushering in a whole new era of automation.
Katrina Dalao, Sr. Content Marketing Specialist, OneTrust
March 07, 20238 min read
GRC & Security Assurance
Understanding IT security frameworks: Types and examples
Security frameworks are roadmaps for developing and implementing effective security programs that protect organizations from threats and vulnerabilities.
Katrina Dalao
March 06, 202311 min read
GRC & Security Assurance
5 ways leaders are automating their GRC programs in 2023
Learn five top functional categories GRC professionals and leaders identify as priorities for creating a mature and meaningful automation strategy.
March 02, 20234 min read
Ethics & Compliance
Speak-up culture 101: Why speak-up culture matters and how to build yours
Learn how to build, measure, and grow your speak-up program to foster trust, shared responsibility, and the highest standards of ethical conduct.
Gbemi Yusuff
March 02, 20239 min read
Privacy & Data Governance
How to approach the ICO’s “Privacy in the product design lifecycle”
Learn more about the ICO's "Privacy in the product design lifecycle" guidance and how you can implement Privacy by Design (PbD) in your organization.
Robb Hisco*ck
March 01, 202311 min read
GRC & Security Assurance
10 GRC trends: What’s next for governance, risk, and compliance?
Cybersecurity, third-party risk, and other policies fall under the GRC domain. Here are the top 10 emerging drivers and trends shaping security compliance.
Katrina Dalao
February 23, 20235 min read
Privacy & Data Governance
Global Privacy Platform (GPP): What this means for ad tech and US privacy laws
IAB Tech Lab, the digital advertising technical standards-setting body, recently announced the launch of its Global Privacy Platform (GPP).
Ashlea Cartee
February 23, 20234 min read
Privacy & Data Governance
3 priorities for the French DPO: 1. Gain visibility
DPOs must have visibility into what teams are doing and work closely with the CISO to help direct organizational processes toward data protection and security.
Noshin Khan
February 22, 20239 min read
Trust Intelligence
OneTrust kicks off new year with strong momentum, building on successes from 2022
In 2023, we are focused on continuing to innovate across this platform, focusing on the core areas of privacy, security, ethics, compliance, and ESG.
February 20, 20235 min read
Ethics Program Management
Speak-up culture toolkit: Policy management
Learn how effective policy management drives employee engagement and strengthens your company speak-up culture.
Noshin Kahn
February 20, 20237 min read
GRC & Security Assurance
OneTrust introduces Certification Automation
OneTrust Certification Automation facilitates the compliance and audit process to help you achieve security certifications in half the time.
Katrina Dalao
February 16, 20233 min read
Third-Party Risk
Supply Wisdom risk intelligence is now available in OneTrust’s Third-Party Risk Exchange
The partnership with Supply Wisdom brings compliance, financial, location-based ESG, and cyber risk data to Exchange customers and their third parties.
Chet Devchand, Director, Business Development Management
February 14, 20233 min read
Third-Party Due Diligence
Speak-up culture toolkit: Inviting third parties to contribute
Creating a strong, healthy speak-up culture requires you to empower all participants, including third parties, to raise issues related to ethics and compliance.
Gbemi Yusuff
February 13, 20236 min read
GRC & Security Assurance
7 steps to comply with ISO 31700-1:2023 (standard on Privacy by Design)
This standard looks to define clear rules for organizations around how consumers’ personal information is processed and how consumer privacy is addressed throughout the product lifecycle
Linda Thielova
February 10, 20237 min read
ESG & Sustainability
The EU Taxonomy: What you need to know
With two objectives of the EU Taxonomy in effect, make sure your organization is on top of compliance with new ESG reporting requirements.
Chris Fenwick, OneTrust Head of ESG Center of Excellence
February 09, 20236 min read
Privacy & Data Governance
What California’s CCPA investigative sweep means for your mobile applications
The California Attorney General declared an investigative sweep of mobile apps that don't comply with certain CCPA opt-out and consumer request provisions.
Alex Cash
February 01, 20235 min read
Consent & Preferences
The ultimate guide to US opt-out requirements
Five new US state privacy laws mean five new sets of opt-out requirements. Learn how to make sure your organization maintains compliance in 2023.
Ashlea Cartee
January 31, 202310 min read
ESG & Sustainability
ESG reporting 101: Guide to ESG standards and sustainability frameworks
As norms and standards continue to evolve, you should be prepared to respond with your own ESG reporting strategy and management.
Julie Yamamoto
January 30, 202323 min read
Privacy & Data Governance
Colorado AG releases third version of draft CPA regulations
The latest version of the draft Colorado Privacy Act regulations is based on the outcome of the public consultation held between October 2022 and January 2023.
Robb Hisco*ck, Content Marketing Specialist | CIPP/E, CIPM
January 30, 202313 min read
Privacy & Data Governance
Your guide to celebrating Data Privacy Day 2023
Data Privacy Day 2023 is a great chance to raise awareness of privacy and data protection issues from around the world and your organization.
Robb Hisco*ck, Content Marketing Specialist | CIPP/E, CIPM
January 25, 20237 min read
ESG & Sustainability
Ultimate guide to the EU CSRD ESG regulation for businesses
This guide provides everything your business needs to know about the upcoming EU ESG regulation - the Corporate Sustainability Reporting Directive (CSRD).
Julie Yamamoto, ESG Content Marketing Manager, OneTrust
January 20, 202316 min read
Ethics & Compliance
Speak-up culture toolkit: Leveraging disclosure data to drive a speak-up culture
Healthy disclosure rates are an indicator of a strong speak-up culture. Discover how to improve disclosure participation and engagement.
Noshin Khan
January 17, 20234 min read
Privacy & Data Governance
Addressing UK app Code of Practice requirements with OneTrust
OneTrust has developed an Android SDK scanner to comply with Google Play Data safety while supporting the new UK app Code of Practice.
Julian Evans
January 13, 20236 min read
Privacy & Data Governance
Belgian DPA approves action plan for IAB Europe’s TCF
After violating the GDPR, the Belgian DPA approved an action plan to bring the processing of personal data within the IAB TCF into compliance with the GDPR.
Alex Cash, Director of Strategy, Consent & Preferences | CIPP/E, CIPM
January 12, 20237 min read
Ethics & Compliance
Continuous improvement: The leading indicator for successful compliance programs
Continuous improvement is a method of operationalizing improvement to processes, products, or other aspects of a business through a cycle of repeatable steps.
Gbemi Yusuff
January 11, 20236 min read
Third-Party Risk
Build trust, promote your program in the Third-Party Risk Exchange
The Third-Party Risk Exchange allows businesses to learn more about each other's security posture, offer SIG Lite assessments on-demand, and more.
Pranav Menem
January 10, 20233 min read
Consent & Preferences
Consent management by the numbers: 2022 DMA report summary
We partnered with the Data & Marketing Association (DMA) (UK) to research how marketers manage their data and the value they realize using CMP systems.
Ashlea Cartee, Senior Product Marketing Manager, OneTrust Consent and Preferences
January 09, 20234 min read
Trust Intelligence
Building trust in a zero trust world
OneTrust CEO Kabir Barday recently participated in a panel discussion with Deloitte at CES, discussing how to build digital trust to drive business performance.
Kabir Barday CEO, OneTrust
January 09, 20234 min read
Privacy & Data Governance
Navigating the California Privacy Rights Act as a HIPAA-compliant business
CPRA’s health information exemption is not a blanket entity exemption, meaning HIPAA-compliant organizations may still need to consider its requirements.
Bex Evans, Senior Product Marketing Manager | CIPP/E, CIPM
January 09, 20235 min read
Privacy & Data Governance
US state privacy bills on the horizon in 2023
Stay up to date with the latest news in US state privacy law, with bill highlights, legislation status, and resources to help your organization stay compliant.
Param Gopalasamy
January 06, 20234 min read
ESG & Sustainability
EFRAG approved the European Sustainability Reporting Standards
EFRAG has released first draft European sustainability reporting standards as part of the EU Corporate Sustainability Reporting Directive.
Chris Fenwick
January 06, 20238 min read
Speak-Up Program Management
Speak-up culture toolkit: Helpline and case management
Everyone wins when you shine a light on your ethics and compliance helpline and build a speak-up culture that reflects your organization's values.
Kelly Maxwell, Content Marketing Specialist
January 05, 20236 min read
Consent & Preferences
3 steps to stay compliant while using consent-driven targeted marketing
Learn how your organization can utilize targeted ads while still being compliant by following these three steps to ensure you prioritize your user's privacy.
Alex Cash
January 04, 20234 min read
Third-Party Risk
As third-party needs sprawl, so do risk management investments
From a new focus on ESG to a renewed need for cybersecurity, third-party and vendor risk management solutions have become a priority for organizations.
Jason Koestenblatt
January 04, 20233 min read
Privacy Automation
The dos and don’ts of CPRA privacy rights requests
The CPRA has new consumer rights for California residents and employees, meaning new obligations and rights requests are coming your organization's way.
Robb Hisco*ck
January 03, 20237 min read
Data Discovery & Security
How OneTrust helps reduce your sensitive data footprint
More data, more costs, more risk. More value? That’s up to how your organization makes use of data retention and minimization principles.
Rebecca Evans
December 23, 20224 min read
Privacy & Data Governance
Conducting PIA, DPIA, and TIA to inform notices
Privacy Impact Assessments, Data Protection Impact Assessments, and Transfer Impact Assessments are vary greatly in terms of what, why, and when.
Robb Hisco*ck, Content Marketing Specialist | CIPP/E, CIPM
December 21, 20229 min read
Ethics & Compliance
The ultimate guide to complying with the EU Whistleblower Directive
Due to the Directive, your whistleblower hotline, retaliation policies, and compliance program may require a revamp, even if your employees are not in the EU.
December 19, 202215 min read
ESG & Sustainability
CSRD: EU ESG disclosure rule is approved
The European Parliament and Council adopted the CSRD to make businesses more publicly accountable for their societal and environmental impacts.
Alexis Kateifides, Senior Counsel, OneTrust Centers of Excellence
December 18, 20226 min read
Privacy & Data Governance
CCPA toll-free number requirement
The California Privacy Rights Act (CPRA) follows up the CCPA with new and expanded rights, retaining the toll-free number requirement.
Param Gopalasamy, CIPP/E, CIPM
December 15, 20224 min read
Ethics & Compliance
Maximizing your compliance budget in 2023
If your team receive cuts, follow these recommendations to prioritize resources for critical activities, do more with less, and continue to achieve key outcomes.
December 14, 20226 min read
ESG & Sustainability
Ultimate guide to ESG sustainability
As global organizations begin to adopt key ESG principles, it's critical to pivot your business strategy to address sustainability.
Julie Yamamoto
December 13, 202235 min read
Privacy & Data Governance
The ultimate guide to US privacy
Our guide will help you better understand the five state privacy laws and how they will define the US privacy landscape in lieu of a federal privacy framework.
Robb Hisco*ck
December 09, 202222 min read
Third-Party Due Diligence
Best practices for conducting third-party due diligence for ethics and compliance
A well-designed compliance program should apply risk-based due diligence and have a process for the full lifecycle of third-party risk management
Kelly Maxwell
December 08, 20229 min read
ESG & Sustainability
3 key takeaways from COP27
Learn three key takeaways from COP27, which includes reinforcing the growing demand for true and accurate reporting on climate risks for investors.
Chris Fenwick
December 06, 20228 min read
Trust Intelligence
Trending toward trust: What organizations need to watch in 2023
Trending Toward Trust is the new 2023 report from OneTrust, highlighting some of the most significant trends that will shape trust in organizations.
Robb Hisco*ck
December 05, 20224 min read
Third-Party Risk
Ironclad, OneTrust partner to streamline and secure third-party procurement processes
To help organizations take a holistic approach to the third-party contracting and risk management process, OneTrust has partnered with Ironclad.
Chet Devchand
November 30, 20224 min read
Privacy & Data Governance
Navigating the CPRA as a GLBA-compliant business
The California legislature amended the CCPA , recognizing the conflict between the CCPA and sectoral frameworks such as the Gramm-Leach-Bliley Act.
Robb Hisco*ck
November 29, 20225 min read
ESG & Sustainability
Proposed UK Disclosure Framework Focuses on Corporate Climate Transition | Blog | OneTrust
At COP27, the UK announced The Transition Plan Taskforce Disclosure Framework aiming to strengthen reporting requirements for companies in the UK.
Chris Fenwick, OneTrust Head of ESG Center of Excellence
November 29, 20227 min read
Privacy & Data Governance
From Sapin II to Sapin III: France’s anti-corruption fight
Sapin III will soon expand the French commitment to detect and punish corruption – how will you and your compliance team need to adapt?
Kelly Maxwell
November 28, 20228 min read
Third-Party Risk
What every Chief Privacy Officer should know about third-party risk management
CPOs track risk via data mapping, in which data is discovered, assessed, and tracked as it flows throughout the organization, including to third parties.
Jason Koestenblatt, Team Lead, Content Marketing
November 18, 20226 min read
Ethics & Compliance
The role of disclosures in risk assessment and mitigation
An effective COI program will identify and mitigate these organizational risks through effective employee engagement, analysis, and periodic review.
Noshin Khan
November 17, 20225 min read
ESG & Sustainability
US Climate Risk Rule Could Affect More Than 5,700 Federal Suppliers | Blog | OneTrust
The US proposes a climate risk rule requiring major suppliers to disclose greenhouse gas emissions and set science-based emissions reduction targets.
Chris Fenwick
November 15, 20225 min read
ESG & Sustainability
The COP27 climate summit: What to expect and why it matters
The annual COP is the largest and most important climate action event of the year and is a critical step in prioritizing collective efforts to fight climate change.
Chris Fenwick, OneTrust Head of ESG Center of Excellence
November 14, 202210 min read
Privacy & Data Governance
3 steps for mitigating the impact of ransomware attacks through data discovery
Ransomware attacks are costly to a company's bottom line and reputation, but having greater knowledge of your dataset can reduce the impact of an attack.
Bex Evans
November 09, 20225 min read
GRC & Security Assurance
SOC 2: starting your audit process
SOC 2 is a voluntary compliance standard for managing customer data while outlining the minimum requirements to maintain your customers' security.
November 09, 20224 min read
Ethics Program Management
Department of Justice: 2022 updates to corporate compliance guidance
After this year's DOJ updates, corporate compliance officers must update their executive teams and boards of directors on the new approach to enforcement.
Kelly Maxwell
November 08, 20228 min read
Privacy & Data Governance
CCPA regulations: A timeline of amendments
Since its passing, the CCPA and its accompanying regulations have undergone several modifications. Here's your guide to understanding them better.
Param Gopalasamy
November 03, 202211 min read
GRC & Security Assurance
9-point framework for evaluating SOC 2 software
The founder of Fractional CISO, Rob Black, identified nine key considerations to guide the vendor evaluation process and reach your SOC 2 compliance goals.
November 02, 20225 min read
Third-Party Risk
Thousands of RiskRecon grades now available in the OneTrust Third-Party Risk Exchange
We are partnering with RiskRecon, a Mastercard Company to make cybersecurity ratings available out-of-the-box to all Third-Party Risk Exchange customers.
Chet Devchand
November 01, 20223 min read
Privacy & Data Governance
US Privacy Masterclass: Your four essential questions answered
In this blog, we’ll go over questions around the GLBA, NIST, GPC, and PIAs in California and HIPAA and explain how your organization can comply.
Garrett Groos
October 31, 20224 min read
Privacy & Data Governance
Navigating the CPRA’s “Do Not Sell or Share” requirement
On January 1, 2023, the California Privacy Rights Act (CPRA) will expand and amend several aspects of the CCPA, including consumer rights.
Param Gopalasamy
October 28, 20225 min read
Privacy & Data Governance
Navigating the CPRA’s “Do Not Sell or Share” requirement
CCPA consumer rights such as the right to opt out of the sale of personal information, have resulted in critical challenges. Learn how OneTrust helps.
Param Gopalasamy
October 28, 20225 min read
Consent & Preferences
Use first-party data for a powerful digital experience
Collecting, managing, and activating first-party data will enhance customer experience by providing customers with the right experience at the right time.
Ashlea Cartee, Product Marketing Manager, Consent and Preferences
October 26, 20229 min read
GRC & Security Assurance
What are the ISO 27001 updates?
The International Organization for Standardization (ISO) released its first framework, the 27001, that outlined a cybersecurity foundation for businesses.
Jason Koestenblatt, Team Lead, Content Marketing
October 25, 20224 min read
GRC & Security Assurance
ISO 27001: Scoping and mandatory clauses
Prepare for ISO 27001 certification with a scope statement that defines your company’s information security management system.
October 24, 20223 min read
Third-Party Risk
Put a hold on hacks: Fight the phish and other emerging cyber threats
In 2021, there was a 62% global attack spike in ransomware (158% increase in North America), and an increased focus on attacks by regulatory bodies.
Jason Koestenblatt, Team Lead, Content Marketing
October 21, 20226 min read
Privacy & Data Governance
Is GDPR relevant for your US-based tech startup?
Learn about the pivotal EU law, GDPR, that could affect how your company approaches customer data protection and privacy US-based company.
October 19, 20222 min read
Ethics & Compliance
Holiday disclosures: Avoid conflicts of interest during gift-giving season
With the season of holiday parties and corporate gifting around the corner, autumn and winter are jam-packed with potential conflicts of interest.
Kelly Maxwell
October 18, 20225 min read
Introducing the New OneTrust Brand
The changes to our new OneTrust logo and brand identity represent the next era of our company as the market-defining leader in Trust Intelligence.
Lisa Campbell
October 12, 20222 min read
Privacy & Data Governance
OneTrust partners with Microsoft to enhance customer experience with Microsoft Intelligent Data Platform
OneTrust and Microsoft are partnering to expand the options available to Chief Data Officers (CDOs) to address this challenge of visibility and governance.
Chet Devchand, Head of Technology Partnerships
October 12, 20223 min read
Ethics & Compliance
Compliance best practices: Presenting to a board of directors
Giving a compliance presentation to the board of directors can be a nerve-wracking experience, but these ten guidelines will set you up for success.
Phillip Winterburn
October 11, 20229 min read
ESG Program Management
Embedding ESG transformation into the future enterprise
An organization's ability to demonstrate its ESG credentials transparently has become a vital business differentiator and a critical part of trust conversations.
Vladimir Kroa
October 10, 20226 min read
GRC & Security Assurance
What can and can’t be automated for SOC 2
Not all SOC 2 components can be automated, but those that can save your business time and money. Learn more about what can be automated for SOC 2.
October 05, 20224 min read
Carbon Accounting
Corporate climate goals: Building your net zero story
When addressing climate change impact across the enterprise, it's important to consider not only your internal impact, but external influences.
Julie Yamamoto, ESG Content Marketing Manager
October 04, 202211 min read
Third-Party Due Diligence
Triage: The first step for effective third-party due diligence
According to the DOJ’s guidance, it’s necessary to prioritize due diligence, questionnaires, and contracting with the third parties that present highest risk.
Jenna Thomas
September 29, 20224 min read
GRC & Security Assurance
What is a SOC 2 report?
Systems and Organization Controls 2 is an attestation that evaluates your company’s ability to securely manage the data you collect from your customers.
September 28, 20226 min read
Third-Party Risk
Why choose OneTrust for third-party management?
OneTrust simplifies third-party management by enabling control and visibility throughout the entire third-party lifecycle while you manage third parties.
Scott Solomon, Senior Manager, Product Marketing
September 23, 20225 min read
GRC & Security Assurance
How much does ISO 27001 certification cost?
Companies are choosing to adopt a trusted security framework, and ISO 27001, as a globally recognized certification, is the framework of choice for many.
September 21, 20226 min read
GRC & Security Assurance
How to use your security program to win more deals
As more customers are concerned with data protection, a security-focused sales process can help win more deals.
September 21, 20222 min read
GRC & Security Assurance
6 questions, 2 InfoSec directors: Your policy management answers
In a OneTrust-hosted webinar, we discussed the common pitfalls of policy management for InfoSec teams with the Director of Information Security at Arcadia.
Jason Koestenblatt
September 21, 20228 min read
Privacy & Data Governance
US privacy masterclass 2.0: webinars + roadshows
Get the latest information about updated consumer rights, expanded employee rights, and privacy risk assessments, and learn to operationalize them.
Anne Kenyon
September 20, 2022
Privacy & Data Governance
Children’s online safety at the forefront of California law
California's new law, AB 2273, known as the California Age-Appropriate Design Code Act (CAADCA), protects minors and their data on the Internet.
Ojas Rege
September 20, 20223 min read
GRC & Security Assurance
Understanding ISO 27001 Annex A Controls | Blog | OneTrust
Learn the key points of ISO 27001 Annex A controls and how they affect the overall audit process for your organization.
September 15, 20225 min read
GRC & Security Assurance
What is Statement of Applicability?
Your Statement of Applicability for ISO 27001, otherwise known as your SoA, is a mandatory step for anyone planning on pursuing ISO 27001 certification.
September 14, 20226 min read
GRC & Security Assurance
What is change management?
A defined change management process enables your organization to mitigate risk and reduce disruption.
September 14, 20224 min read
GRC & Security Assurance
SyncMonkey saves $100K, hundreds of hours with SOC 2 compliance automation
Centralized information management system SyncMonkey took a proactive approach to security by investing in certification automation
September 13, 20223 min read
Privacy & Data Governance
CPRA employee privacy rights moving ahead
The CPRA will extend new rights for employees which will present a unique set of challenges for organizations. Read the blog to learn more.
Tess Macapinlac, OneTrust Lead Privacy Counsel
September 08, 20225 min read
GRC & Security Assurance
Building an information security program from scratch
In this blog, we’ll discuss the three stages of building your InfoSec program in more understandable terms, so you can get started getting more secure.
September 07, 20226 min read
Ethics & Compliance
Compliance program performance metrics: How to measure compliance
Effectively Measuring compliance can prevent reputational damage, protect the bottom line, and potentially avoid costly fines and enforcement action.
Kelly Maxwell
September 07, 20227 min read
Internal Audit Management
The ISO 27001 audit process
An ISO 27001 audit ensures your organization has the necessary information security management and relevant policies in place
September 07, 20225 min read
Carbon Accounting
What are scope 1, 2, and 3 emissions?
The GHG Protocol Corporate Standard defines three types of GHG emissions - Scope 1 (direct emissions) and Scope 2 and Scope 3 (indirect emissions).
Julie Yamamoto, ESG Content Marketing Manager
September 06, 202214 min read
Third-Party Risk
Reduce unnecessary risk with third-party risk management controls
As more tasks are outsourced to third-party providers, risk management programs become critical to securing sensitive data
September 03, 20224 min read
ESG & Sustainability
Jump start your ESG program and reporting in 5 easy steps
ESG programs can be challenging to build and manage as they cross organizational boundaries and have multiple internal and external stakeholders.
Julie Yamamoto, ESG Content Marketing Manager, OneTrust
August 31, 20225 min read
Ethics & Compliance
How to comply: German Supply Chain Due Diligence Act and forthcoming EU rules
New regulations around the world are focused on human rights, environmental risks, and labor rights, creating a new set of obligations for companies.
Kelly Maxwell, Content Marketing Specialist, OneTrust
August 29, 20227 min read
Consent & Preferences
How does consent affect data retention?
Organizations must be able to justify and maintain meticulous records of how and why they’re using data downstream from the point of collection.
Ashlea Cartee, OneTrust Product Marketing Manager, Consent and Preferences
August 29, 20225 min read
ESG & Sustainability
The corporate carbon footprint: a quick guide
A company’s Corporate Carbon Footprint (CCF), is the total amount of GHG emissions that are directly or indirectly caused by a company’s activities.
Marc Issel, Director of Carbon Intelligence, OneTrust
August 25, 20227 min read
Consent & Preferences
Global Privacy Control: How to honor consumer opt-out requests
The Global Privacy Control (GPC) empowers users to signal their chosen privacy settings to websites and services through their browser.
Alex Cash, OneTrust Director of Strategy
August 25, 20222 min read
Data Discovery & Security
6 questions to ask yourself when building a Data Governance framework
Let’s explore building your own data governance framework, including the benefits and questions to ask yourself and your team when undergoing the process.
Kevin Jones
August 19, 20224 min read
Privacy & Data Governance
Top 4 benefits of Data Governance tools
Data governance tools can help you enhance the privacy, security, and integrity of your data while adding value to your business.
Kevin Jones, Director, Product Management, Privacy & Data Governance Cloud
August 17, 20225 min read
Trust Intelligence
Your ultimate guide to careers at OneTrust
OneTrust is a team of people who are collectively passionate about innovation and technology while supporting career development and growth.
August 11, 2022
Cookie Consent
August cookie complaints from noyb: What you need to know
On August 9, 2022, Max Schrems’ noyb lodged 226 GDPR-related complaints with 18 authorities against websites for cookie banner compliance.
Ojas Rege
August 10, 20222 min read
Ethics & Compliance
Whistleblower risk for private companies
Privately-owned companies in the U.S. and Europe are potential targets for the Sarbanes-Oxley Act (SOX) and EU Directive retaliation lawsuits.
August 04, 20228 min read
Consent & Preferences
Google delays deprecation of cookies until 2024
On July 27, 2022, Google announced that they are postponing the deprecation of third-party cookies on Google Chrome to 2024. Here's what to know.
Ashlea Cartee
August 01, 20223 min read
Privacy & Data Governance
The ADPPA advances to the house floor
The ADPPA is emerging to have the strongest chance of success after being passed after the House Energy and Commerce Committee voted 53-2 in its favor.
Alexis Kateifides
July 21, 20223 min read
Privacy & Data Governance
Policy attestation: If you can’t measure it, you can’t manage it
A successful policy management program will help you establish governance, achieve compliance, and reduce business risk.
Michele Muriyan, Product Marketing Manager, GRCP
July 21, 20224 min read
Privacy & Data Governance
Comparing ISO 37002 and the EU Whistleblower Directive
The ISO 37002 is a framework for setting up and maintaining a whistleblowing hotline that adheres to the highest standards as outlined by the ISO.
Kelly Maxwell
July 19, 20223 min read
ESG & Sustainability
ESG 101: What does social in ESG mean?
This ESG 101 blog takes a closer look at the Social in ESG: what it is, why social impact is important, and how to map it to Sustainable Development Goals.
Jamie Molnar
July 12, 202213 min read
Privacy & Data Governance
The California Privacy Protection Agency (CPPA) files notice of proposed rulemaking for the CPRA
The CPPA announced on July 8, 2022, that it is beginning the process to adopt regulations to implement the Consumer Privacy Rights Act of 2020 (CPRA).
Alexis Kateifides, OneTrust Senior Center of Excellence Counsel
July 11, 20222 min read
Third-Party Due Diligence
How to manage and measure third-party risk
To become a trust-based business, protect your brand's reputation, and ensure compliance, you'll need to vet and monitor your third-party relationships.
Kelly Maxwell
July 10, 20226 min read
Privacy & Data Governance
The top 6 data governance best practices
We will look at the top six best data governance practices to ensure your organization's program delivers and is efficient and effective.
Sam Gillespie, OneTrust Offering Manager, Privacy & Data Governance
July 08, 20224 min read
Ethics & Compliance
Wendy Addison and LeisureNet: A Whistleblower’s story of Retaliation
After blowing the whistle on South Africa's LeisureNet, Wendy Addison lost her job, survived poverty, and spent decades rebuilding her life and career.
Kelly Maxwell, Content Marketing Specialist, OneTrust
July 07, 20227 min read
Ethics & Compliance
The EU Whistleblower Directive and GDPR: How to protect whistleblowing data
It’s essential that your organization's whistleblowing processes account for the requirements of both GDPR and the EU Whistleblower Directive.
Jenna Thomas
July 05, 20224 min read
GRC & Security Assurance
What are the benefits of a GRC management tool?
GRC tools eliminate the worry of managing regulatory requirements and provide actionable insights to improve your GRC approach, aligning key risk initiatives.
Kaitlyn Archibald
June 30, 20224 min read
Ethics & Compliance
Finding a hotline vendor that will help you comply with the EU Whistleblower Directive
There are 7 key elements that you can use to evaluate potential vendors or measure your current hotline provider to comply with EU Whistleblower Directive.
Jenna Thomas, Content Marketing Manager, Ethics
June 29, 20228 min read
Consent & Preferences
OTT & CTV Consent: Providing streamers control over choices
As a result of OTT/CTV’s precise targeting capabilities and addressability, advertisers can tap into significant opportunities through this particular advertising medium.
Ashlea Cartee, OneTrust Product Marketing Manager, Consent & Preferences
June 28, 20225 min read
ESG & Sustainability
Trust geek glossary: SBTi – Science Based Targets initiative
The Science Based Targets initiative is a coalition that promotes SBTs to facilitate and strengthen business participation in the shift to a net-zero economy.
Julie Yamamoto
June 23, 202211 min read
Ethics & Compliance
How to support and protect whistleblowers on World Whistleblower Day and beyond
June 23 marks World Whistleblower Day, highlighting whistleblowers' importance in fighting corruption along with ways to support these brave individuals.
June 22, 20227 min read
Ethics & Compliance
The EU Whistleblower Protection Directive: Retaliation and the Reverse burden of proof
Your company likely has an anti-retaliation policy, but is it enough to meet the new requirements within the EU Whistleblower Protection Directive?
Kelly Maxwell, Content Marketing Specialist, OneTrust
June 16, 20226 min read
Privacy & Data Governance
5 privacy milestones to prepare for in 2023
Our team of regulatory experts monitors the global privacy landscape to interpret what current trends and milestones mean for maturing privacy programs.
Ryan Edge
June 14, 20227 min read
Ethics & Compliance
Treat your Code of Conduct like a marketing campaign
Thinking like a marketer will help push users to enact certain behaviors and drive engagement to your Code of Conduct and improve compliance.
June 13, 20227 min read
Third-Party Risk
10 steps to improving your security questionnaire responses
The information gathered from security questionnaires is critical in the evaluation of business and security practices, and is crucial for compliance.
Daniela Villarreal
June 12, 20227 min read
ESG & Sustainability
ESG 101: What are ESG topics?
This ESG blog series defines ESG and sustainability: what are ESG topics, why are they important, and how to map the three pillars of a sustainable business.
Julie Yamamoto, ESG Content Marketing Manager
June 09, 202210 min read
OneTrust organizational update
Due to the downturn in the capital markets, OneTrust reduced its workforce by 25% in June 2022, laying off 950 employees worldwide.
June 09, 20224 min read
Privacy & Data Governance
Your 2023 privacy strategy checklist
As you prepare for what’s ahead, OneTrust’s team of experts has rounded up the most significant considerations for your privacy strategy in 2023 and beyond.
Ryan Edge, Director of Strategy | CIPP/E, CIPM
June 08, 20228 min read
Ethics & Compliance
Gifts, travel, and entertainment (GT&E) policies
Avoid the pitfalls of a manual GT&E policy and disclosure management process, going on the offensive with OneTrust's fully integrated platform.
Kelly Maxwell
June 07, 20226 min read
Privacy & Data Governance
Differences between Google's Data Safety and Apple's Nutrition Label
Read our blog to learn about the differences between Google Data Safety and Apple Nutrition Labels requirements and why it matters.
June 07, 20228 min read
Consent & Preferences
4 questions with OneTrust’s Chief Marketing Officer & Tech Trailblazer, Lisa Campbell
To congratulate Lisa on winning 2022 Tech Trailblazer, we sat down to discuss her journey to becoming a "Tech Trailblazer" and why building trust is essential.
June 07, 20224 min read
Privacy & Data Governance
Bipartisan US Federal Privacy Bill submitted to the House of Representatives
On June 3, 2022, a draft of a comprehensive federal privacy bill, known as the American Data Privacy and Protection Act (ADPPA) was released.
Alexis Kateifides, Senior Center of Excellence Counsel | FIP, CIPM, CIPP/E
June 05, 20229 min read
Privacy & Data Governance
Building brand trust through Consent Governance
Learn how to set up a consent governance strategy across your organization to achieve privacy-centric data capture, distribution, and activation.
Ashlea Cartee
June 03, 20226 min read
Data Discovery & Security
4 steps to set up your data governance program
Let's go through four steps you can take to set up your data governance program effectively by leveraging the right tools and technologies.
Sam Gillespie, Data Governance Offering Manager
May 27, 20224 min read
ESG & Sustainability
IFRS outlines next steps for consolidating ESG disclosure standards
IFRS releases more details on integration of VRF as part of consolidating Environmental, Social, and Governance (ESG) disclosure standards.
Chris Fenwick, ESG Program Director,
May 26, 20225 min read
Privacy & Data Governance
How 4 years of GDPR has changed the privacy landscape
The introduction of the GDPR marked a new age in data protection legislation, opening the door to a growing global regulatory landscape.
Alexis Kateifides, Senior Center of Excellence Counsel
May 25, 20225 min read
TrustWeek 2022 Award winners announced
The TrustWeek 2022 Award Winners have been announced! The OneTrust team came together to recognize our bright and talented customers.
May 25, 20225 min read
Trust Intelligence
See the New Trust Intelligence Platform in action
Take a closer look at The Trust Intelligence Clouds, dedicated to solving today’s critical business challenges around trust and transparency
May 24, 20223 min read
Privacy & Data Governance
Announcing the OneTrust Privacy & Data Governance Cloud
OneTrust is excited to unveil the Privacy and Data Governance Cloud, empowering organizations to go beyond compliance and enable trusted data use.
Ryan Edge
May 24, 20227 min read
Ethics & Compliance
Announcing the OneTrust Ethics & Compliance Cloud
The OneTrust Ethics and Compliance Cloud enables ethics, compliance, HR, and legal teams to unite people, process, and technology.
Philip Winterburn
May 24, 20227 min read
GRC & Security Assurance
Announcing the OneTrust GRC and Security Assurance Cloud
OneTrust launches holistic GRC and Third-Party Management solutions for proactive cybersecurity and compliance practices.
Cliff Huntington
May 24, 20227 min read
Trust Intelligence
Your guide to the Trust Intelligence Platform from OneTrust
The Trust Intelligence Platform delivers visibility across trust domains, action based on AI and regulatory intelligence, and automation to build trust by design.
Blake Brannon, OneTrust Chief Strategy Officer
May 24, 20226 min read
Privacy & Data Governance
"OneTrust was the only one we could rely on": Customers put trust at the forefront
Food delivery, convenience stores, and healthcare, to live entertainment - learn how customers are making trust the center of their business.
John Ville
May 24, 20222 min read
Trust Transformation
Trust Transformation starts here
OneTrust launched the world's first Trust Intelligence Platform to empower companies and organizations on their trust transformation.
Blake Brannon
May 24, 20222 min read
GRC & Security Assurance
New regulations push cyber resiliency on supply chain, FinServ industries
May 2022 cybersecurity regulation updates have brought four key legislations across US and EU regulatory bodies to our attention. Learn more.
Justin Henkel, Head of CISO Center of Excellence, OneTrust
May 23, 20225 min read
Speak-Up Program Management
How to outsource your whistleblower hotline
A dedicated whistleblower hotline is a vital tool for increasing organizational trust and strengthening your speak-up culture.
Phillip Winterburn, Principal, Product Marketing and Strategy, Ethics
May 20, 20225 min read
Third-Party Risk
OneTrust Third-Party Risk Exchange now provides SecurityScorecard Cybersecurity Rating
OneTrust is expanding its partnership with SecurityScorecard to enable Third-Party Risk Exchange customers to view complementary Cybersecurity Ratings.
Scott Solomon
May 17, 20224 min read
Data Discovery & Security
EU Data Governance Act approved by Council
The EU Data Governance Act aims to increase trust in data sharing, data intermediation services, and encourage data altruism in the EU.
Robb Hisco*ck, Content Marketing Specialist, CIPM, CIPP/E
May 16, 20225 min read
OneTrust selected by Samsung Ads for CMP rollout across Samsung TV Plus service in Europe
Samsung Ads, the advertising division of Samsung Electronics, has tapped OneTrust Consent and Preferences across Samsung TV Plus in Europe.
Ashlea Cartee, Consent and Preferences Product Marketing Manager
May 13, 20224 min read
ESG & Sustainability
3 ways to include employee mental health as part of your ESG program
Find out how to prioritize employee mental health as part of your ESG program to build trust with employees and other stakeholders.
Sophie Hitchman-Smith, Corporate Communications at OneTrust
May 11, 20228 min read
Privacy & Data Governance
Thai PDPA compliance: the ultimate guide
The ultimate guide to Thai PDPA compliance highlights key requirements for organizations processing personal data in Thailand.
Robb Hisco*ck, Content Marketing Specialist | CIPP/E, CIPM
May 09, 20229 min read
ESG & Sustainability
CDP vs SASB vs GRI sustainability reporting standards
Compare three major ESG reporting frameworks and sustainability reporting standards side-by-side: CDP vs. SASB vs. GRI.
Julie Yamamoto, ESG Content Marketing Manager
May 06, 20225 min read
Ethics Program Management
Engage, delight, and surprise: Switching from a static to interactive code of conduct
Learn how to replace outdated, lengthy, static PDF compliance documents with an Interactive Code of Conduct employees will actually read.
May 05, 202211 min read
GRC & Security Assurance
How are you measuring InfoSec KRIs and cybersecurity metrics?
Avoid analysis overload with focused risk and performance indicators
Kaitlyn Archibald
May 04, 20227 min read
Cookie Consent
Capture first-party data in a cookieless world
With the deprecation of third-party cookies in 2023, marketers and advertisers are examining what's next for their first-party data strategies.
Ashlea Cartee
May 03, 20226 min read
Privacy Management
Rethinking vendor risk assessments: The shift to risk analytics and control gap analysis
Why and how are businesses rethinking vendor risk assessments, risk analytics and control gap analysis? Learn more in our blog.
Scott Solomon, Product Marketing Lead, OneTrust | CIPM, CIPP/E
May 03, 20223 min read
Data Discovery & Security
Connecticut Data Privacy Act (CTDPA) signed into law
Connecticut is the 5th state in the US to pass a comprehensive privacy law, the Connecticut Data Privacy Act, or, CTDPA.
Alexis Kateifides
May 02, 20224 min read
ESG & Sustainability
Trust Geek Glossary: Global Reporting Initiative – GRI reporting
Global Reporting Initiative 101: A practical guide to GRI reporting, what it is, how the GRI Standards work, who uses it, and more.
Julie Yamamoto, ESG Content Marketing Manager, OneTrust
April 28, 20228 min read
Data Discovery & Security
The top 3 challenges of unstructured data (and how to handle them)
Businesses have a semi-structured data model, made up of two types of data: unstructured data and structured data, exposing them to the risk of data loss.
April 26, 20224 min read
Privacy & Data Governance
Provisional agreement reached on the EU Digital Services Act
The Digital Services Act (DSA) aims to legislate against the spread of illegal content and protect the fundamental rights of EU citizens.
Robb Hisco*ck
April 25, 20224 min read
Speak-Up Program Management
Q&A: DFSA launches new Whistleblowing regime in Dubai
The Dubai Financial Services Authority (DFSA) announced and implemented a new regulatory regime to protect whistleblowers.
Jenna Thomas, Content Marketing Manager, Ethics
April 25, 20224 min read
Privacy & Data Governance
Global Cross-Border Privacy Rules (CBPR) forum established
With data privacy regulations popping up more frequently than ever, the Global Cross-Border Privacy Rules (CBPR) Forum was just launched.
Alexis Kateifides, Senior Center of Excellence Counsel
April 21, 20223 min read
GRC & Security Assurance
Streamline COI disclosures with this simple template
Download a simple conflict of interest disclosure template and learn how to effectively manage COIs with OneTrust.
Kirby Kelly, Content Marketing Specialist
April 20, 20225 min read
Technology Risk & Compliance
8 best practices for answering security questionnaires
Follow OneTrust's eight security questionnaire best practices to prioritize holistic data gathering across your vendor ecosystem.
Brianna Smith, Content Marketing Specialist, OneTrust | GRCP
April 20, 20224 min read
Privacy Automation
The necessary evolution of privacy program automation
Privacy program automation reduces manual, time-consuming, and often disjointed compliance and governance processes. Read on to learn more.
Ryan Edge, Director of Strategy | CIPP/E, CIPM
April 19, 20225 min read
ESG & Sustainability
Trust Geek Glossary: Understanding SASB standards
Learn about all things Sustainability Accounting Standards Board: the SASB materiality map, SASB standards, why financial materiality matters, and more.
Julie Yamamoto, ESG Content Marketing Manager, OneTrust
April 18, 20229 min read
Privacy & Data Governance
The top 4 data governance principles
With the amount of data and metadata aggregated and collected by companies growing by the day, make sure that it's managed effectively.
Sam Gillespie, Data Governance Offering Manager, OneTrust
April 15, 20223 min read
ESG & Sustainability
Trust Geek Glossary: What is CDP?
Find out what the CDP (Carbon Disclosure Project) reporting framework is, how it works, who uses it and the benefits of a CDP report.
Julie Yamamoto, ESG Content Marketing Manager, OneTrust
April 13, 20227 min read
ESG & Sustainability
New TCFD ESG disclosure requirements in Canada and the UK
TCFD ESG disclosure requirements: Canada and the U.K. join a growing list of countries adopting TCFD reporting mandates.
Phil Redman, Director, OneTrust ESG
April 12, 20226 min read
Data Discovery & Security
The ultimate guide to data governance
To manage your data effectively, you need a data governance solution that protects the privacy of the data and adds value to your business.
Sam Gillespie
April 12, 20227 min read
Ethics & Compliance
Adopt these engaging compliance trainings to reinforce company culture and values
Develop an ethics and compliance training program that meets legal requirements and engages your employees, while covering all the essentials.
Kelly Maxwell, Content Marketing Specialist, OneTrust
April 09, 20228 min read
Speak-Up Program Management
Effective conflict of interest disclosure management
Are you managing conflict of interest disclosures or COI effectively? Learn how to improve disclosure management and minimize risk with OneTrust.
April 08, 20226 min read
Cookie Consent
Cookie Consent performance series: server-side rendering
Leveraging a CMP that loads server-side positively impacts website performance, provides a user-friendly experience, and helps you stay compliant.
Ashlea Cartee
April 06, 20224 min read
Third-Party Risk
Java framework ‘Spring4Shell’ vulnerability leads to potential exploit
A zero-day Java vulnerability, "Spring4Shell" surfaced and experts believe it could be as impactful as 2021's Log4j.Read to learn more.
Justin Henkel, Head of CISO Center of Excellence
April 04, 20223 min read
ESG Program Management
Global ESG disclosure standards are edging closer with IFRS proposals
The proposed IFRS sustainability disclosure standards bring us closer to a globally consistent, common set of ESG disclosure standards.
Chris Fenwick
April 04, 20225 min read
Privacy & Data Governance
Japan’s amended APPI comes into effect
The Amendment Act, including data breach reporting and stricter data transfers, was approved to the current Act on the Protection of Personal Information.
Andrew Clearwater, OneTrust, Chief Trust Officer
April 01, 20223 min read
Ethics & Compliance
How a Speak-Up culture can help you mitigate risk
Unpack the strategic value of a speak-up culture, how to improve it, and how it can become your early warning system for challenges.
Kelly Maxwell, Content Marketing Specialist, OneTrust
March 31, 20224 min read
Privacy & Data Governance
Explainer: Data localization and the benefit to your business
As a growing number of regulators call for tighter data localization requirements, keeping up with data localization laws can be a challenge.
Robb Hisco*ck, Content Marketing Specialist, CIPP/E, CIPM
March 30, 20225 min read
Privacy Management
Who owns third-party risk: Breaking down management and compliance silos
Without visibility and oversight across the third-party landscape, risk to your business will become untenable.
March 29, 20225 min read
Transform personalized experiences with preference management
Preference management empowers consumers to take control of their relationship with a brand, providing users with more power to control their privacy.
Jamie Molnar, Director, Product Marketing
March 28, 20226 min read
Data Discovery & Security
Agreement in principle made on new EU-US framework for transatlantic data flows
EU and US negotiators have been working towards a solution for EU-US data flows since the invalidation of the EU-US Privacy Shield.
March 25, 20223 min read
Ethics & Compliance
How to measure speak-up culture
Identify areas for improvement and spaces to celebrate successful culture building through quantitative and qualitative measurements.
Kelly Maxwell, Content Marketing Specialist, OneTrust
March 25, 20227 min read
Privacy & Data Governance
Utah Consumer Privacy Act (UCPA) signed into law
On March 24, 2022, the UCPA was signed into law by Governor Spencer Cox, becoming the latest addition to comprehensive state privacy laws in the US.
March 24, 20225 min read
Privacy & Data Governance
ICO International Data Transfer Agreement takes effect
The ICO International Data Transfer Agreement and Addendum to EU SCCs took effect on March 21, 2022. Read the blog to learn more.
March 23, 20224 min read
ESG & Sustainability
Carbon offsets 101: A guide for going climate neutral
Carbon offsets: Learn more about offsets, how they work, how they can help companies go climate neutral, and how they help protect forests.
Julie Yamamoto
March 21, 202215 min read
ESG & Sustainability
5 things to know about forthcoming SEC ESG disclosures
The proposed SEC ESG disclosures rule would require public companies to disclose GHG emissions and other climate change risks.
March 21, 20224 min read
Privacy & Data Governance
Regulatory compliance: Best practices to meet the updated guidelines
In an evolving landscape, regulatory compliance is key. So how do you check the boxes—and go beyond? Learn how on the OneTrust blog.
March 21, 2022
ESG & Sustainability
4 things to look for in your ESG software
The right ESG software tools can help organizations manage environmental, social, and governance expectations more efficiently and intelligently.
March 16, 20227 min read
Ethics & Compliance
How to build a speak-up culture
Increase the number of reports you receive and build a stronger Speak-Up Culture by implementing these strategies and practical initiatives.
Kelly Maxwell
March 15, 20227 min read
Privacy & Data Governance
TrustWeek 2022 agenda: Kickstart your trust journey
TrustWeek 2022 brings together thought leaders across Privacy and Data Governance, GRC and Security Assurance, Ethics, and ESG & Sustainability.
March 15, 20228 min read
Third-Party Due Diligence
What is the German Supply Chain Due Diligence Act?
The German Supply Chain Due Diligence Act is designed to enhance risk management throughout the third-party supply chain.
March 14, 20225 min read
Ethics & Compliance
Measuring organizational trust: The What, Why, and How
What is organizational trust, why does it matter, and how do you measure it? Learn more about an ethics-driven approach to trust.
March 11, 20224 min read
Privacy & Data Governance
European Data Protection Board adopts guidelines on codes of conduct
On March 4, 2022, the EDPB announced that it had adopted its final guidelines on codes of conduct for data transfers under the GDPR.
March 09, 20226 min read
Ethics & Compliance
Trust culture and Organizational behavior
Every day and every interaction becomes another opportunity to showcase your company's commitment to honesty, integrity, and justice.
Kelly Maxwell, Content Marketing Specialist, OneTrust
March 09, 20226 min read
Third-Party Risk
OneTrust becomes only IT VRM vendor to receive the Gartner Peer Insights™ Customers’ Choice Distinction for three years in a row
OneTrust has been named a Customers' Choice in the 2022 Gartner Peer Insights ‘Voice of the Customer': IT Vendor Risk Management Tools.
March 08, 20226 min read
GRC & Security Assurance
Strengthening American Cybersecurity Act passes in US
Digital transformation makes cybersecurity critical to protect the organization, maintain resilience, and compete in today's digital business environment.
March 04, 20223 min read
Third-Party Risk
Answer any security questionnaire with enhanced cell detection for Questionnaire Response Automation
Introducing QRA cell detection – a powerful QRA enhancement that eases the spreadsheet-based questionnaire response process for vendors.
March 02, 20222 min read
Privacy & Data Governance
Building a GDPR privacy program for small businesses
Small businesses need to develop GDPR privacy programs to protect personal data, build consumer trust, and avoid penalties for non-compliance.
March 01, 20229 min read
Privacy & Data Governance
EDPB issues opinion on EU-US Data Privacy Framework
President Joe Biden issued an Executive Order on the new EU-US DPF, allowing for the enhanced protection of transferred personal information.
Robb Hisco*ck, Content Marketing Specialist | CIPP/E, CIPM
February 28, 20228 min read
ESG & Sustainability
Protecting Today to sustain Tomorrow. Get to know OneTrust ESG.
OneTrust has been named a Leader in The Forrester New WaveTM: Sustainability Management Software, Q1 2022, by Forrester Research, Inc.
February 24, 20223 min read
Privacy & Data Governance
EU Data Act: New rules proposed on data access
On February 23, 2022, the European Commission proposed a regulation on the use and access of data stemming from the EU (EU Data Act).
February 23, 20223 min read
ESG & Sustainability
Audit, Measure, and Report on your portfolio companies’ ESG metrics with ESG investor portfolio management
Audit, measure, and report on your portfolio companies' Environmental, Social, and Governance metrics with OneTrust ESG Investor Portfolio Management.
February 22, 20223 min read
Privacy & Data Governance
EU-US data transfers: Is BYOK the answer?
EU-US data transfers continue to cause organizations problems following the Schrems II decision. Is Bring Your Own Key the solution?
February 21, 20225 min read
Privacy Management
How a chief trust officer can help Your business build and manage customer trust
A Chief Trust Officer (CTrO) helps the business fulfill its promises to customers and stakeholders on security, privacy, data, ethics, and ESG.
Andrew Clearwater
February 17, 20227 min read
ESG & Sustainability
ESG reporting and why is it important
Understand why publishing corporate ESG reports is vital to customers, employees, and investors who want to know what your impact is in this area.
February 16, 2022
Privacy & Data Governance
EDPB launches coordinated enforcement action into use of cloud services by public bodies
The EDPB launched its first coordinated enforcement action on the use of cloud services in the public sector across the EU.
February 15, 20224 min read
Third-Party Risk
Mastering the TPRM lifecycle
Third-party risk management is key to any business. Learn how to master the TPRM lifecycle across your organization in our newest video blog!
February 14, 20222 min read
Privacy Management
The ultimate guide to LGPD compliance
Brazil's General Personal Data Protection Law (LGPD) entered into force on September 18, 2020. Read the blog to learn more about LGPD compliance.
February 11, 202212 min read
Consent & Preferences
Deliver dynamic consent experiences using audience logic
Using Audience Logic functionality with consent management, tailors unique digital experiences based on persona, demographics, or channels.
February 11, 20224 min read
OneTrust opens TrustWeek 2022 registration
Join us for TrustWeek 2022, OneTrust's fifth annual user conference—with live, in-person global events and a robust virtual experience.
February 10, 20224 min read
Trust Intelligence
Trust & the CISO: The role of trust in the evolution of IT & security
What is CISO trust? As companies face more risk vectors than ever before, establishing trust is critical for the CISO. Read to learn more.
February 09, 20227 min read
Consent & Preferences
2022 Modernizing marketing strategy series: Data transparency
Data transparency creates trust, and that trust leads to customer loyalty—a winning strategy for building lasting relationships with buyers.
Ashlea Cartee, Product Marketing Manager, OneTrust
February 08, 20224 min read
Data Discovery & Security
Automating data classification and mapping to embed data context into operations
Accurately classifying data gives your organization a clearer picture of the regulatory requirements attached to it. Get Started with OneTrust Data Discovery.
February 07, 20227 min read
Get to know: OneTrust’s channel chief Gordy Wyatt
Gordy Wyatt, OneTrust's North America Channel Director, has been named a 2022 CRN Channel Chief. Learn more about OneTrust's partner program.
February 07, 20224 min read
Third-Party Risk
Buy-In Guide: Making the case for TPRM software
Make the business case for TPRM in your organization and get access to our TPRM buy-in guide to learn how! Read the blog to learn more.
February 04, 20224 min read
Consent & Preferences
2022 Modernizing marketing strategy series: Oracle & OneTrust
Oracle and OneTrust are teaming up to provide strategic guidance for building a powerful and modern marketing strategy in 2022.
Ashlea Cartee, Product Marketing Manager, OneTrust
February 01, 20222 min read
Privacy Management
Automated data mapping FAQs
We recently discussed the benefits of an automated data map. In this article, we answer the most popular questions from the audience.
Ryan O'Connor, Solutions Engineer, Privacy
January 31, 20224 min read
Privacy Automation
4 steps to enhance your DSAR process with redaction
This video walks through the steps your organization can take to enhance your DSAR process with automation, including redaction.
January 26, 20221 min read
Third-Party Risk
The shift to third-party management (TPM): What is TPM and why does it matter?
Third-Party Trust Management (TPTM) is the next evolution of third-party risk and is key enterprise trust strategy. Learn more in our blog!
January 25, 20229 min read
Privacy Management
iOS app account deletion FAQs
In this article, we answer your most frequently asked iOS app account deletion requirement questions. Learn more about the impacts.
January 24, 20223 min read
Privacy & Data Governance
How OneTrust uses OneTrust for data privacy
How can privacy teams keep tabs on operational goals while juggling strategic planning? By effectively utilizing the resources available.
January 24, 20227 min read
Privacy Automation
Why you should automate data retention policies
By operationalizing data retention, organizations can take another step towards securing consumer trust and demonstrating compliance.
January 20, 20225 min read
Privacy & Data Governance
Austrian DPA’s Decision in Analytics Services Provider Case
The Austrian DPA issued a decision in the analytics provider case finding that an EU website operator had violated Article 44 of the GDPR.
January 18, 20226 min read
Consent & Preferences
Zero-party data collection
Learn how to capture and manage zero and first-party data using OneTrust Consent & Preference Management as we approach the end of third-party cookies.
January 18, 20224 min read
Cookie Consent
Cookie Consent performance series: part 2 – Global CDN & asynchronous loading
Implementing a CMP that uses a balanced global CDN system paired with asynchronous loading is crucial to your business.
January 14, 20224 min read
Consent & Preferences
OneTrust named a leader in privacy and consent
We're excited to announce thatOneTrusthas been named a Leader in theKuppingerCole Leadership Compass for Privacy and Consent Management.
January 12, 20223 min read
Privacy Automation
Top reasons employees submit SARs and how you should prepare
Take a look into some of the top reasons why employees might make an access request and how employers can prepare for when they do.
January 11, 20224 min read
Cookie Consent
How CMOs are building brand trust through personalized experiences
Learn how to drive personalization and nurture brand trust with data transparency, data enrichment, and ethical data activation.
January 10, 20224 min read
Consent & Preferences
Year in review: OneTrust’s market-dominating CMP
As 2021 comes to a close, OneTrust highlights the biggest enhancements and milestones of its market-leading consent management platform (CMP).
January 06, 20223 min read
Preparing for the new Apple account deletion requirement
On October 6, 2021, Apple introduced a new account deletion requirement for App Store submissions starting on January 31, 2022.
January 03, 20226 min read
Privacy & Data Governance
OneTrust announces series C funding at a $5.3 billion valuation
Today we are proud to announce our $300 million Series C funding round at a $5.1 billion valuation! Read all about it.
December 20, 20213 min read
Third-Party Risk
The future of TPRM: Third party risk management predictions for 2022
In 2021,TPRMand cybersecurityremained at the forefront ofbusinessstrategy, so what's next? Learn about 2022 TPRM predictions in our blog!
December 19, 20215 min read
Third-Party Risk
Build the business case: The importance of business resilience and TPRM
Learn about the impact of third-party service outages and how to stand up a TPRM-informed business resilience strategy in our latest blog.
December 16, 20214 min read
Consent & Preferences
OneTrust supports CI/CD pipeline with mobile app scanning API
The Mobile App ScanningAPI helps supportCI/CD pipelinefor developers - a scalable API foruploading,scanningand re-scanningapps.
December 15, 20213 min read
Third-Party Risk
Working with vendors to address the Apache Log4j 2 library vulnerability
A new, critical vulnerability that impacts a popular open-source Java logging library, Apache Log4j 2 exists. Read more in our blog.
December 14, 20215 min read
Privacy & Data Governance
The EU Council clears EU Taxonomy rules
The European Union passed the first part of its EU taxonomy rulebook on climate-friendly investments, applying on January 1, 2022.
December 09, 20212 min read
Privacy & Data Governance
NIS2: An EU-Wide cybersecurity strengthening and resilience solution
On December 3, the EU announced that it had agreed its general approach to the text of the NIS 2 Directive. Read to learn more!
December 09, 20213 min read
ESG & Sustainability
OneTrust acquires Planetly, the climate action and carbon management company
OneTrust has acquired Planetly, the Climate Action, and Carbon Management company, to help businesses transform to net-zero emissions.
Phil Redman
December 08, 20213 min read
Cookie Consent
Accelerate your cookie banner implementation with OneTrust’s CMP Wizard
Through the OneTrust CMP Wizard, businesses can use a guided step-by-step interface to scan their website for cookies and trackers.
December 06, 20213 min read
GRC & Security Assurance
Privacy and IT risk: How secure are your assets securing personal data?
Protecting personal data is a multi-functional operation. Learn how prioritizing privacy and IT Risk for assets can help your organization on its journey to trust.
December 02, 20216 min read
Privacy & Data Governance
Automate policy management to align Privacy & Data Governance initiatives
By ensuring all organizational data is unified under one system, teams can unilaterally manage data policies with automation.
December 02, 20216 min read
Privacy & Data Governance
Why Is everyone talking about trust? And why the CISO should care
The CISO plays an important role in establishing trust and keeping workflows across the enterprise secure. Learn more in our blog!
November 29, 20214 min read
Privacy & Data Governance
German TTDSG enters into force on December 1, are you ready?
On December 1, 2021, the TTDSG will enter into force implementing new cookie consent requirements in accordance with the ePrivacy Directive.
November 29, 20216 min read
Privacy & Data Governance
UAE enacts new federal Personal data protection law
A new comprehensive personal data protection law was enacted in the UAE on November 29, 2021 as part of a broad federal reform package.
November 29, 20214 min read
Privacy & Data Governance
Relevant European supervisory authorities notified and have 4 weeks to provide feedback to the draft decision
On November, the Belgian DPA issued a press release on its draft decision in the case against IAB Europe relating to its Transparency & Consent Framework.
November 25, 20213 min read
Privacy & Data Governance
ICO issues opinion on data protection expectations for AdTech proposals
The UK Information Commissioner's Office (ICO) released its opinion on Data Protection and Privacy Expectations for Online Advertising Proposals.
November 25, 20215 min read
Cookie Consent
Luxembourg: CNPD publishes new cookies guidelines
The CNPD clarifies in the new guidelines some important distinctions about cookies regarding their types, purposes, and uses.
November 24, 20213 min read
Privacy & Data Governance
Report on India’s personal data protection bill adopted
The JPC adopted a draft report on India's Personal Data Protection Bill, 2019 which will now be presented during Parliament's winter session.
November 23, 20213 min read
Technology Risk & Compliance
Mature your privacy program with DSAR & Incident management automation
With increasing privacy and security regulations, maturing privacy teams are using automation to scale DSAR and incident management efforts.
November 23, 202110 min read
Privacy & Data Governance
EDPB clarifies scope of data transfers
On November 19, 2021, the EDPB released its draft guidelines on the interplay between Article 3 and Chapter V of the GDPR for data transfers.
November 19, 20216 min read
Cookie Consent
Expanding beyond a cookie banner to preference management
Expanding beyond a cookie banner to preference management allows you to turnprivacyrequirementsinto a real marketing advantage.
November 18, 20215 min read
GRC & Security Assurance
Cybersecurity Maturity Model 2.0: New strategic implications from GRC to VRM
TheUS Department of Defense updated CMMC strive to simplify and strengthen thesecurityof the defense industrial base. Read to learn more.
November 12, 20214 min read
Cookie Consent
Cookie Consent performance series: Part 1 – SEO & availability
Our Cookie Consent Performance series dives into key ways you can maintain website authority, user experience, and compliance. Here's part 1.
November 11, 20214 min read
Data Discovery & Security
How data discovery enhances & automates your data mapping
Organizations need to mature and scale their data mapping programs with technology that unifies and automates data discovery.
November 09, 20216 min read
Privacy & Data Governance
Firefox joins other browsers implementing Global Privacy Control
MozillaFirefoxis the latest browserimplementing Global Privacy Control (GPC), takinginitiative tohelpusers control their privacy.
November 08, 20214 min read
ESG & Sustainability
Republican Energy & Commerce Committee introduce draft US Federal Privacy Bill
The Republican Energy and Commerce Committee introduced a comprehensive draft privacy bill establishing standards for data privacy and security in the US.
November 04, 20214 min read
ESG Program Management
IFRS announce International Sustainability Standards Board (ISSB)
The IFRS announced the formation of the ISSB and Prototype Climate Disclosure Standards during the COP26 summit in Glasgow.
November 03, 20214 min read
ESG & Sustainability
ESG and sustainability software platforms that enterprises can leverage
All eyes are on ESG right now but how can enterprises leverage ESG and sustainability software platforms to meet and track their goals?
October 26, 20215 min read
Privacy Automation
OneTrust adds native Microsoft integration into privacy management solution
OneTrust, the most widely used privacy management platform, has added Microsoft's Privacy Management for Microsoft 365 integration.
October 22, 20213 min read
ESG & Sustainability
The CSO (chief sustainability officer) & vendor risk management: Top challenges & biggest opportunities
As brand sustainability expectations evolve, CSOs must consider vendor risk management (VRM). Learn how to combine ESG and VRM in our blog.
October 21, 20215 min read
ESG Program Management
ESG management: The enterprise ESG cycle
Improve your organization's ESG efforts by leveraging the Enterprise ESG Cycle in your ESG management program. Learn how in our blog.
October 19, 20213 min read
Privacy & Data Governance
OneTrust partners with Snowflake to simplify data classification & enforce policy
OneTrust and Snowflake have partnered to enable developers, data engineers, and data scientists to improve data discovery and governance across platforms.
October 07, 20213 min read
Third-Party Risk
OneTrust Vendorpedia offers same-day support for the 2022 Shared Assessments SIG
Learn how to manage risk in a time-friendly, cost-effective way with low effort for your vendors with our SIG 2022 shared assessments support.
September 28, 20213 min read
Privacy & Data Governance
The ultimate guide to CCPA compliance
The Ultimate Guide to CCPA Compliance outlines the key areas of the law that your organization should consider. Read the blog to learn more.
September 27, 202110 min read
Ethics & Compliance
Improve the reporting experience with preferred language reporting
Convercent by OneTrust announced enhanced global Call Center operations, aiming to have calls handled in a reporter's preferred language.
September 27, 20213 min read
ESG & Sustainability
Diversity, Equity & Inclusion: Reflecting on OneTrust’s DE&I council
Learn how OneTrust has built a team of leaders dedicated to supporting its employees and community through the Diversity, Equity & Inclusion Council.
September 24, 20217 min read
Privacy & Data Governance
Quebec’s Bill 64 Adopted
On September 21, Bill 64 obtained a majority vote in the National Assembly of Quebec and will become law. Read the blog to learn more.
September 22, 20214 min read
GRC & Security Assurance
OneTrust named a leader in GRC Platform Independent Research report
OneTrust has been named a leader in the Forrester Wave: Governance, Risk, And Compliance Platforms Q3 2021.
September 22, 20214 min read
GRC & Security Assurance
OneTrust acquires Tugboat Logic
OneTrust is acquiring Tugboat Logic security assurance and certification automation platform for ISO 27001 and SOC 2.
September 21, 20214 min read
Consent & Preferences
OneTrust’s Consent and Preference Management Platform captures millions of consent transactions
OneTrust, the most widely used consent and preference management platform captures over 3 billion consent transactions a week.
September 20, 20213 min read
Privacy & Data Governance
When Is DSAR redaction relevant? Your questions answered
In this article, we answer six of our most frequently asked questions centered around one common theme: When is DSAR redaction necessary?
September 20, 20215 min read
GRC & Security Assurance
OneTrust recognized in 2021 Gartner® Magic Quadrant™ for IT Risk Management
OneTrust was recognized in the 2021 Gartner Magic Quadrant for IT Risk Management for its GRC product. Access the report in our blog.
September 16, 20214 min read
Ethics & Compliance
Importance of policy and procedure
We all know policies and procedures are important, but they often end up ineffective.Learn how to maximize policies on the OneTrust blog.
September 16, 20216 min read
Privacy & Data Governance
OneTrust integrates with Box to support customers automate Privacy Compliance
Today, OneTrust announced an integration with Box to better support customers wanting to automate privacy, security, and compliance.
September 15, 20213 min read
Privacy & Data Governance
The new SCC deadline Is approaching: Are you prepared?
The deadline for signing old Standard Contractual Clauses (SCCs) into new contractual agreements is approaching. Are you prepared?
September 15, 20215 min read
Ethics Program Management
Top 5 reasons your organization needs awareness training
Many of the world's privacy laws contain training obligations but there are several reasons that you need awareness training. Read the blog to learn more.
September 14, 20215 min read
Consent & Preferences
How to build trust and value privacy with a Consent Management Platform
You can't run a modern privacy program without a consent management platform. Learn how to bring privacy and personalization together.
September 13, 202112 min read
Third-Party Risk
OneTrust named a Leader in the 2021 Gartner® Magic Quadrant for IT Vendor Risk Management Tools
For the third consecutive year, OneTrust is a leader in the 2021 Gartner Magic QuadrantTM for IT Vendor Risk Management Tools.
September 02, 20215 min read
Consent & Preferences
Why you need a CMP alongside Apple ATT
Applerequires apps touse an ATT prompt torequest permission fromendusers before tracking them. Learn how implementing a CMP can help.
August 26, 20214 min read
Consent & Preferences
Prove you value privacy with consent and preference management
Prioritize privacy by implementing consent and preference managementacross marketingand advertisingactivities.Learn more in our blog.
August 24, 20214 min read
GRC & Security Assurance
The ultimate security questionnaire guide
Implementing a consistent security questionnaire answering process will save your organization time and money. Read our guide to learn more.
Brianna Smith, Content Marketing Specialist, OneTrust | GRCP
August 17, 202115 min read
Privacy & Data Governance
The CCPA metrics reporting requirement: What you need to know
As of July 1, 2021, the CCPA metrics reporting obligation took effect for certain organizations. Here's what you need to know.
August 11, 20213 min read
Technology Risk & Compliance
ITRM 101: Understanding the impact of IT risk on your organization
Read our IT risk management (ITRM) guide to understand IT risk management's impact on your organization and why it's more critical than ever.
August 10, 202114 min read
Consent & Preferences
Telemarketing & Compliance: What marketers need to know
Let's look at how this crucial marketing channel can be effectively implementedwhile remaining compliant with telemarketing legislation.
August 06, 20214 min read
Consent & Preferences
Test for success: A/B testing essential to improve ROI
When you A/B test your cookie banners, your marketing goals and compliance with data regulations don't have to be mutually exclusive.
August 03, 20214 min read
Privacy & Data Governance
OneTrust Vendorpedia Third-Party Risk Exchange now provides Cyber Risk scores on thousands of vendors
OneTrust partners with ISS Corporate Solutions (ICS) to enable new cyber risk scoring capabilities for Third-Party Risk Exchange customers.
August 02, 20214 min read
Data Discovery & Security
OneTrust recognized in The Forrester Wave™: Data Governance solutions, Q3 2021
Today we are excited to announce that OneTrust DataGovernance debuted in The Forrester Wave: Data Governance Solutions, Q3 2021 report.
July 27, 20213 min read
Privacy Management
Privacy laws & Employee DSARs
Organizations faced with employee data subject access requests (DSARs) need a tool that uses automation to properly redact data.
July 23, 20216 min read
Privacy Management
The APEC CBPR Certification: What is it?
The APEC Cross-Border Privacy Rules System (CBPR) is a voluntary, accountability-based system created by the Asia-Pacific Economic Cooperation.
July 20, 20214 min read
GRC & Security Assurance
Reduce your risk: Supply chain attacks and the rise of ransomware
As the new trend in ransomware attacks rises, companies need to be aware of the impact on supply chain vulnerability. Learn more in our blog.
July 16, 20214 min read
Ethics & Compliance
Germany passes new corporate due diligence act
Germany's parliament has passed the German Corporate Due Diligence Act, requiring due diligence in combating human rights violations.
July 14, 20213 min read
Privacy & Data Governance
The 7 principles of privacy by design
The 7 Principles of Privacy by Design is a holistic approach to privacy and seamlessly integrates privacy into products, services, and system designs by default.
July 13, 20216 min read
Privacy & Data Governance
IAB canada finalizes TCF policies
The Interactive Advertising Bureau (IAB)of Canada recentlyfinalizeditsversion ofTransparencyConsent Framework (TCF)Policies.
July 09, 20211 min read
Third-party cookies are going away: How marketers can prepare
In the massive gap left in the wake of third-party cookies going away, organizations must adjust their consent strategies.
July 08, 20216 min read
GRC & Security Assurance
How AutoZone goes the extra mile with OneTrust Vendorpedia
AutoZone Goes the Extra Mile and drives TPRM operations with OneTrust Third-Party Risk Management. Learn more from Auto Zone TPRM, Ryan Walker.
July 07, 20213 min read
Privacy & Data Governance
How good IT Asset and Risk Management can protect you from ransomware
Executive leadership must prioritize implementing a healthy IT asset and Risk management program in the wake of increased ransomware attacks.
July 02, 20215 min read
Data Discovery & Security
The 4 pillars of data intelligence
Use the 4 pillars of data intelligence to better understand the data you have, how it's used, and the requirements that apply to it.
OneTrust
July 01, 20215 min read
Privacy Management
The CPO & Vendor risk management: top challenges & biggest opportunities
As the privacy landscape evolves, CPOs must consider vendor risk management as a key area of any healthy privacy management program.
June 30, 20215 min read
Privacy & Data Governance
EDPB final recommendations: The 6 step roadmap (Part 1 of 3)
Take a deeper look at the EDPB six-step roadmap to help identify the appropriate supplementary measures for international data transfers.
June 29, 20215 min read
Privacy & Data Governance
European commission adopts two UK adequacy decisions
Learn about how the European Commission adopted two UK adequacy decisions in relation to the GDPR and the Law Enforcement Directive.
June 28, 20214 min read
Cookie Consent
Google delays deprecation of third-party cookies until 2023
On June 24, 2021, Google announced it is delaying plans to phase out third-party cookies in its Chrome browser until 2023.
June 24, 20214 min read
Technology Risk & Compliance
How your organization can use an incident management playbook
An incident management playbook is an actionable guide for how to report events, define responsibilities, and manage response procedures.
June 22, 20215 min read
Privacy & Data Governance
Operationalize EDPB final Schrems II guidance with OneTrust
You can operationalize the EDPB's guidance today with OneTrust's expanded Schrems II Solutions which provide both EU exporters and importers.
June 21, 20215 min read
ESG Program Management
The ultimate guide to ESG management and factor
What is ESG Management? It is crucial to execute a strong ESG program throughout your organization to remain competitive. Read more here.
June 18, 202112 min read
Privacy & Data Governance
Ecuador’s new data protection law
Ecuador's new data protection regulation has become law, and establishes a national data protection authority, and regulates cross-border data transfers.
June 17, 20213 min read
Ethics & Compliance
Convercent by OneTrust announces third-party risk management solution for Ethics & Compliance
Convercent by OneTrust Third-Party Risk Management for Ethics and Compliance professionals provides a way to identify third-party risk.
June 17, 20212 min read
ESG & Sustainability
ESG Risks | Challenges & Solutions
Learn some challenges of creating an ESG strategy nationally and globally for your organization while addressing risk, management, and compliance.
June 16, 20216 min read
Privacy & Data Governance
China data security law passed
A new China data security law takes effect on September 1, 2021 protecting data in the interest of the country's national security. Learn more.
June 14, 20214 min read
Third-Party Risk
What is vendor risk management?
Vendor risk management (VRM) is a form of risk management that focuses on identifying and reducing risks relating to vendors.
June 09, 202114 min read
Privacy & Data Governance
Nevada privacy bill signed by Governor Sisolak
On June 2, 2021, Nevada Governor Stephen F. Sisolak signed the Nevada Privacy bill ((SB) 260) which focuses on Internet privacy.
June 07, 20213 min read
ESG & Sustainability
ESG factors and infographic
OneTrust can help you track and measure your ESG goals, as social, environmental, and governance strategies become crucial in the corporate environment.
June 04, 20213 min read
Privacy & Data Governance
European commission adopts new Standard Contractual Clauses (SCCs)
On June 4, 2021, the European Commission adopted two sets of modernized standard contractual clauses (SCCs). Read the blog to find out more.
June 04, 20214 min read
Privacy Management
Thai PDPA data subject rights: What you should know
Enforcement of the Thai PDPA has been postponed until 2022 but organizations should still prepare for an influx data subject rights requests.
June 03, 20215 min read
Third-Party Risk
What is third-party risk management?
Third-party risk management (TPRM) is a form of risk management that focuses on identifying and reducing risks relating to the use of third parties.
June 01, 20216 min read
Cookie Consent
noyb Cookie Consent best practices guide
OneTrust has provided customers with a resource guide and relevant regulatory authority research following the May 31 noyb cookie notices.
June 01, 20212 min read
Third-Party Risk
OneTrust acquires Shared Assessments to grow the SIG and global third-party risk standardization
Shared Assessments will remain vendor neutral post-acquistion to grow the SIG third-party risk standard globally.
May 31, 20214 min read
Privacy & Data Governance
OneTrust celebrates five years of trust
Five years ago, OneTrust was founded. Today, we're celebrating five years of trust with our 10,000 customers, 2,000 employees, and community.
May 26, 20215 min read
Privacy & Data Governance
The GDPR data subject rights - global privacy laws
The GDPR is one of the most robust global privacy laws in effect today. What rights does it invoke on it's data subjects?
May 24, 20213 min read
Privacy Management
The ultimate guide to privacy management
A foundational standard for privacy management is proving through records that you have a legal reason for collecting and processing personal data.
May 21, 202115 min read
Privacy & Data Governance
The EU Cloud Code of Conduct approved by Belgian DPA
On May 20, 2021, the Belgian DPA announced that it had approved the EU Cloud Code of Conduct. Read the blog to find out more.
May 20, 20213 min read
Privacy & Data Governance
France announces strategy for cloud technology
On May 17, 2021, the French Government announced its national strategy for cloud technology. Read the blog to find out more.
May 18, 20213 min read
Privacy Management
Understanding the 7 principles of the GDPR
The 7 key GDPR principles at the heart of the law should inform every step of a modern privacy management program.
May 17, 20215 min read
Data Discovery & Security
What’s hidden in your files? How to better govern your unstructured data
What's hidden in your files? Learn more about how unstructured data discovery can help you uncover and address hidden compliance risks.
May 05, 20216 min read
Privacy & Data Governance
Apple iOS 14.5: how to prepare with OneTrust
Apple announced new iOS 14.5 requirements will now go into effect on April 26, 2021 with the release of Apple iOS 14.5.
April 23, 20214 min read
Consent & Preferences
OneTrust launches Consent Banner testing feature
OneTrust launched a new consent banner testing feature that allows customers to test their consent management platform before publishing.
April 21, 20214 min read
Privacy & Data Governance
Guide to the General Data Protection Regulation (GDPR)
GDPR Compliance means an organization that falls within the scope of the GDPR meets the requirements for properly handling personal data.
April 16, 202119 min read
Ethics & Compliance
OneTrust Acquires Ethics and Compliance Leader Convercent
OneTrust acquires ethics and compliance software leader Convercent to help continue to build our Trust Intelligence platform.
April 14, 20214 min read
Data Discovery & Security
Webinar recap: How Data Discovery enhances your DSAR workflow
Be prepared to respond to Data Subject Access Requests and utilize automated data discovery with OneTrust Data Discovery.
April 01, 20215 min read
ESG & Sustainability
ESG best practices and corporate benefits
Learn how implementing ESG best practices may benefit an organization's brand, revenue, company valuation, and market perception, as well as reduce risk.
March 31, 20216 min read
Privacy & Data Governance
Your top 10 Data Redaction questions answered
We took your top questions and created an FAQ series to dive into our data redaction capabilities and what they mean for you.
March 30, 20217 min read
Privacy & Data Governance
Preparing for privacy compliance in Panama
Panama's Law No. 81 on Personal Data Protection takes effect March 29, 2021, bringing a new set of compliance challenges for organizations.
March 29, 20213 min read
Privacy & Data Governance
Get ready for POPIA with OneTrust
Enforcement for South Africa's Protection of Personal Information Act (POPIA) will begin on July 1, 2021 and OneTrust can help you get ready.
March 22, 20213 min read
Privacy & Data Governance
How to prepare for Apple iOS 14.5 privacy requirements
AppleiOS14.5 Privacy RequirementsandiPadOS14.5arescheduled for a spring2021release. The new release includes privacy features.
March 19, 20215 min read
ESG & Sustainability
OneTrust's ESG solution is here
OneTrust's ESG solution provides organizations with environmental, social, and governance technology built in to the OneTrust platform.
March 15, 20213 min read
Privacy Management
Privacy program best practices
Smart businesses know having a privacy program in place is just good business. Here are the best privacy program practices.
March 12, 20217 min read
Data Discovery & Security
OneTrust DataGovernance announces Data Catalog
OneTrust Data Catalog is a solution for data officers, data stewards, and other stakeholders to find and utilize the data that matters most.
March 11, 20214 min read
Cookie Consent
OneTrust CNIL cookie guidelines toolkit
On April 1st, the CNIL, will begin to enforce its latest cookie recommendations. Download our CNIL Cookie Consent Guidelines Checklist today!
March 08, 20213 min read
Consent & Preferences
Maximize Opt-Ins with Consent Rate Optimization
OneTrust launches Consent Rate Optimization, to help organizations personalize user experience and maximize opt-ins while respecting privacy.
March 04, 20213 min read
GRC & Security Assurance
HIPAA compliance: Building a bridge to a robust privacy program
If your organization manages PII, it's crucial to embed HIPAA compliance into your privacy program. Here's how to get started.
March 02, 202110 min read
Privacy & Data Governance
Virginia’s Consumer Data Protection Act signed into law
Virginia became the next state to officially pass a comprehensive privacy law. The CDPA sets out an increased protection for consumer data.
March 02, 20213 min read
Privacy & Data Governance
OneTrust acquires Redacted.ai for data redaction
OneTrust acquired Redacted.ai data redaction technology and introduces OneTrust Data Redaction technology to solve a broad range of privacy use cases.
February 28, 20213 min read
Cookie Consent
Cookie banners after third-party cookies
If third-party cookies are phased-out, does that mean cookie banners or consent management platforms (CMPs) are going along with them?
February 19, 20217 min read
Consent & Preferences
OneTrust’s CMP leads the Consent Management market: Used on 350,000+ websites and apps
Today OneTrust announced it is the most widely used CMP with over 350,000 websites and applications using the platform for consent management.
February 08, 20213 min read
GRC & Security Assurance
5 IT risk management frameworks to consider for your program
Applying one or multiple systems to your company’s security approach is best practice
Kaitlyn Archibald
February 04, 20214 min read
Data Discovery & Security
Data discovery for governance teams
Intelligent, automated data discovery for governance teams is essential for achieving data governance and data catalog objectives.
February 02, 20214 min read
Privacy & Data Governance
OneTrust Partners with global privacy control to help users control privacy
Today OneTrust and Global Privacy Control (GPC) announced their partnership to help users control their privacy with a new browser setting.
January 28, 20214 min read
Data Discovery & Security
Why privacy teams need Data Discovery
Privacy teams need automated data discovery solutions to tackle the challenges of growing data management needs and privacy compliance.
January 26, 20216 min read
Data Discovery & Security
What to look for in a data discovery solution
A truly automated data discovery solution helps organizations understand their data across their business and third-party relationships.
January 22, 20216 min read
Third-Party Risk
Introducing OneTrust Questionnaire Response Automation
OneTrust launches Vendorpedia Questionnaire Response Automation to support organizations in automatically answering incoming questionnaires.
January 13, 20213 min read
Privacy & Data Governance
CNIL issues fine for emails sent without consent
This last week, the CNIL, French data protection authority, issued a €20,000 fine for sales prospecting without consent. Read more.
January 12, 20213 min read
GRC & Security Assurance
Integrate microsoft word into the OneTrust GRC policy management software
OneTrust today announced our GRC policy management software integration with Microsoft Word to help company's improve policy management.
January 06, 20212 min read
Privacy & Data Governance
Your CPRA questions answered
We address some CPRA questions as the CPRA's approval left many organizations questioning how to pivot their existing programs to meet CPRA compliance.
December 30, 20204 min read
Privacy & Data Governance
Schrems II and the latest SCC updates
A discussion about the Schrems II decision including an explanation of the new EDPB guidelines and Standard Contractual Clauses updates.
December 30, 20204 min read
Privacy & Data Governance
Schrems II: Dealing with international transfers
With the significant development of the EDPB releasingtheirrecommendations for Schrems II, wediscusswhat they are and what they mean.
December 15, 20204 min read
Consent & Preferences
Balancing cookie compliance and user experience
Providing an engaging user experience can help to greatly increase opt-in rates as well as enhancing transparency around your processing activities.
December 08, 20203 min read
Privacy & Data Governance
Global privacy laws update 2020
Global privacy laws have continued to develop rapidly throughout the course of 2020. Recap with the "Global Privacy Laws: What's New in 2020" TrustWeek Session.
December 02, 20205 min read
Privacy Management
How will the Schrems II decision impact your privacy program?
The Schrems II decision will have significant impacts on EU-US data transfers, and many organizations will need to update their programs.
November 23, 20203 min read
Privacy & Data Governance
Schrems II decision: EDPB publishes recommendations
The EDPB published recommendations following the Schrems II decision in July 2020, addressing surveillance and supplementary transfer tools.
November 12, 20208 min read
Privacy & Data Governance
CCPA vs. CPRA – What has changed?
On November 4, 2020, California voters passed the California Privacy Rights Act (CPRA or CCPA 2.0), but how does it compare with the CCPA?
November 10, 20204 min read
Ethics & Compliance
Ethics in privacy and security
When your business collects someone's personal information, you take on responsibilities, including trust, security, and ethical responsibility to that individual.
November 09, 20205 min read
Privacy & Data Governance
What does the CPRA mean for your privacy program?
In the November 2020 election, voters will be deciding whether to vote the CPRA into law. Read this blog to learn more.
November 04, 20205 min read
GRC & Security Assurance
What is OneTrust GRC? A LinkedIn live recap
In this LinkedIn Live, Kabir Barday, CEO of OneTrust, was joined by Scott Bridgen, Offering Manager of OneTrust GRC, to discuss what is OneTrust GRC.
November 02, 20205 min read
Privacy & Data Governance
TrustWeek news: Know your requirements for storing data with OneTrust DataGuidance Data Retention Schedules
As part of a series of announcements during TrustWeek, we are excited to introduce DataGuidance Data Retention Schedules.
October 13, 20203 min read
Privacy & Data Governance
TrustWeek news: OneTrust releases new Data Governance software to help data governance, analytics, IT, and technology teams know their data
OneTrust releases new data governance software to help Data Governance, Analytics, IT, and Technology teams know their data.
October 13, 20203 min read
Privacy & Data Governance
TrustWeek news: OneTrust launches enhanced and automated Data Redaction capabilities
OneTrust announces two new solutions to help manage challenges and maintain ISMS success: Audit Management and Policy Management.
October 13, 20203 min read
Privacy & Data Governance
Overview of the california privacy rights act of 2020 (CPRA or CCPA 2.0)
In general, the CPRA amends the CCPA by expanding consumer rights, heightening privacy protections, and establishing an enforcement agency.
October 12, 20206 min read
Cookie Consent
DPC cookie guidance: your top 7 questions answered
On April 6, the Irish Data Protection Commission released a report explaining the findings following a cookie sweep of websites across a range of industries.
September 29, 20206 min read
Privacy Management
LGPD vs. GDPR
Inspired by the GDPR,Brazil'sLei Geral de Proteção de Dados, or LGPD,regulateshow companies collect, store, handle, and share personal data.
September 25, 20206 min read
Consent & Preferences
OneTrust supports Google’s newest solution: Consent Mode
Google's Consent Mode solution was created to bridge the gap between the advertising and privacy worlds, providing more flexibility.
September 03, 20204 min read
Privacy & Data Governance
What are the differences between CCPA and GDPR and LGPD?
The data security space is heating up in 2021. Read this article to understand the key components and comparisons of CCPA, GDPR, and LGPD.
August 28, 202011 min read
Inc. 500: OneTrust named America’s #1 fastest-growing company
OneTrust is named the #1 fastest growing private company in America with 48,000% growth on the prestigious Inc. 500 annual list.
August 12, 20204 min read
OneTrust expands OTT (Over-the-Top) CMP support for Apple TV, Android TV, Roku, and more
OneTrust announced expanded OTT compliance capabilities to help publishers and advertisers manage privacy consent and preference compliance.
August 06, 20203 min read
Privacy & Data Governance
Keeping CCPA compliant with Facebook’s limited data use
The CCPA enforcement date of July 1 has recently passed, but there are still areas of the regulation that businesses need clarity on.
August 03, 20203 min read
Privacy & Data Governance
India’s personal data protection bill
India's potential PDPB requires that data fiduciaries obtain data principals' consent for processing to ensure the principals' fundamental right to privacy.
July 24, 20208 min read
OneTrust opens new certification program dates
The OneTrust Certification Program has announced new dates and a new OneTrust Fellow of Privacy Technology certification is now available.
July 20, 20203 min read
Privacy & Data Governance
Launch your CCPA and GDPR Compliance programs with OneTrust free tools
OneTrust Free Tools help companies kickstark compliance with CCPA, GDPR, ISO 27701 and hundreds of the world's privacy laws and security frameworks.
July 06, 20202 min read
Data Discovery & Security
OneTrust acquires Integris Software
OneTrustacquired Integris Software to enhancesOneTrustDataDiscovery. The integrated data discovery and classification solutionis available today.
June 30, 20202 min read
Privacy & Data Governance
OneTrust Assessment Automation technology aligned with the CNIL PIA methodology
The OneTrust Assessment Automation privacy impact assessment (PIA) technology is now aligned with the CNIL PIA methodology.
June 25, 20202 min read
Privacy & Data Governance
CCPA compliance for small businesses
The first step to CCPA compliance for small businesses will be to understand if the law applies to your business or not.
June 02, 20203 min read
Privacy & Data Governance
IDC releases first worldwide data privacy management software market shares report
IDC released it's inaugural Data Privacy Management Software Market Shares Report and finds OneTrust has the largest market share.
May 27, 20202 min read
GRC & Security Assurance
Introducing OneTrust GRC’s Audit & Policy Management: Two New Tools to Support ISMS Programs
OneTrust announces two new solutions to help manage challenges and maintain ISMS success: Audit Management and Policy Management.
May 06, 20204 min read
Privacy Management
CCPA privacy policy & notice requirements
A key part of the California Consumer Privacy Act (CCPA) that went into effect on January 1, 2020 is updating your privacy policy and notice requirements.
April 22, 20203 min read
GRC & Security Assurance
Integrating privacy & cyber security
Cyber security and privacy must integrate using a privacy management software in order to address the growing challenge of protecting consumer data.
April 15, 20203 min read
GRC & Security Assurance
Unifying risk management initiatives
When leveraged correctly, these combined resources can streamline processes and automate common third-party risk management activities.
April 09, 20204 min read
Consent & Preferences
OneTrust consent management platform is IAB TCF 2.0 approved CMP
After working closely with IAB Europe, we're proud to announce the OneTrust Consent Management Platform (CMP) is officially TCF 2.0 approved by the IAB.
April 03, 20202 min read
Privacy & Data Governance
How to automate CCPA consumer rights requests
In this OneTrust blog, you will learn how you can automate consumer requests within your California Consumer Privacy Act (CCPA) program.
March 19, 20204 min read
Privacy & Data Governance
OpenID Connect (OIDC): As easy as 1-2-3
OpenID Connect lets developers authenticate their users across websites and apps without having to own and manage password files.
February 03, 20203 min read
Technology Risk & Compliance
Cybersecurity Maturity Model Certification (CMMC), Escalating security
What is the CMMC, who does it apply to, and how will it impact your business? Follow the development of the CMMC as the DoD put's it into effect.
January 21, 20204 min read
GRC & Security Assurance
Integrated Risk Management vs. GRC
What's the difference between Integrated Risk Management versus GRC? How do you compare a well-established discipline and new emerging risk initiatives?
January 16, 20205 min read
Privacy & Data Governance
The CCPA Toll-Free Number requirement
The California Consumer Privacy Act is taking effect in January, and one requirement that still confuses many businesses is the Toll-Free Number requirement.
December 27, 20194 min read
GRC & Security Assurance
CCPA compliance: Your most frequent CCPA questions answered
The CCPA is only days away from taking effect, and OneTrust has all the resources you need to be CCPA ready by January 1, 2020.
December 24, 201924 min read
Privacy & Data Governance
The CCPA vs. the GDPR comparison
Both the CCPA and the EU's GDPR aim to protect individuals' privacy rights, but there are some key differences between the two.
December 19, 20198 min read
Third-Party Risk
Centralizing your risk register
Companies can integrate their information across systems and data collection points to centralize their risk register and reporting efforts.
December 19, 20194 min read
Privacy & Data Governance
News: CJEU publishes AG opinion on facebook Ireland and schrems case
The Court of Justice of the European Union (CJEU) published the non-binding opinion of Henrik Saugmandsgaard Øe, the European Union Advocate General.
December 19, 20193 min read
Introducing OneTrust Zero-Code Cookie Auto-Blocking
We're excited to announce OneTrust Cookie Auto-Blocking, dramatically reducing the time it takes to implement a OneTrust cookie banner on your website.
December 17, 20193 min read
Privacy & Data Governance
CMDB tools to organize, automate and integrate data
The data stored in your CMDB tools is only good for those who have access. Streamline maintenance with software to organize, automate and integrate data.
November 27, 20193 min read
Data Discovery & Security
OneTrust Targeted Data Discovery: Not your average data discovery tool
OneTrust offers a Targeted Data Discovery solution to help automate Data Subject Access Requests or DSAR requests.
November 26, 20192 min read
GRC & Security Assurance
Legacy GRC tools and today’s market challenges
Many GRC tools are solutions to problems of the past. New technology solutions can solve some of the digital risk challenges GRC tools fail to address.
November 21, 20195 min read
Privacy & Data Governance
CCPA Applicability: Who will the CCPA impact?
As the CCPA goes into effect on January 1, 2020, everyone who handles personal information regarding Californiaconsumers are going to be impacted.
November 06, 20193 min read
Privacy & Data Governance
IAB and CCPA: Let’s get technical
The IAB and IAB Tech Lab released the CCPA Compliance Framework for Publishers and Technology Companies on October 20, 2019.
October 31, 20196 min read
Cookie Consent
OneTrust PreferenceChoice’s cookie auto-blocking technology
OneTrust PreferenceChoice's Cookie Consent and Website Scanning is the most mature and trusted solution for cookie consent in the market.
October 19, 20194 min read
Privacy & Data Governance
California Privacy Rights and Enforcement Act Ballot initiative
On September 25, 2019, Alastair Mactaggart announced his new ballot initiative for the November 2020 ballot—the CPRA to amend the CCPA.
October 02, 20193 min read
Consent & Preferences
OneTrust Consent Management for Publishers: Delivering a personalized user experience
Publishers can manage consent across regulations and frameworks with OneTrust CMP consent management provider for publishers and advetisers.
September 23, 20192 min read
Privacy & Data Governance
The Nevada Privacy Law vs. the CCPA
Similar to the CCPA, Nevada allows consumers to opt-out of the sale of “covered information” collected through a website or online service.
September 17, 20197 min read
Cookie Consent
OneTrust: Keeping up with Cookie Consent
As marketers, it is important to keep track of the constantly changing rules and regulations. Read this blog to see how you can keep up with cookie consent.
September 11, 20192 min read
Privacy & Data Governance
The Dos and Don’ts of CCPA consumer right requests
The California Consumer Privacy Act (CCPA) is the first privacy law to pass in the US – transforming how organizations structure their privacy program.
August 27, 20194 min read
Privacy & Data Governance
ISO 27701 new privacy standard: How OneTrust got certified & how you can too
OneTrust recently announced that we received the world's-first ISO 27701 certification for a Privacy Information Management System (PIMS).
August 27, 20192 min read
Privacy & Data Governance
OneTrust policy and Notice management: Tackling CCPA disclosure and GDPR policy challenges
OneTrust Policy and Notice Management helps companies comply with the GDPR's privacy policy notice obligation and the CCPA's disclosure requirement.
August 13, 20192 min read
Privacy & Data Governance
What teams should be part of your internal CCPA team
While the CCPA will impact the entire organization, but one initial consideration is who should be part of your internal CCPA team.
July 22, 20195 min read
OneTrust raises $200 million Series A, valued at $1.3 billion
OneTrust announced a $200 million Series A investment, valuing the privacy, security and third-party risk company at $1.3 billion.
July 11, 20192 min read
Privacy & Data Governance
Nevada's privacy law
The Nevada Privacy Law allows consumers to opt-out of the sale of "covered information" collected through a website or online service.
June 05, 20195 min read
Third-Party Risk
Maintain updated data maps with OneTrust vendor risk management
With the OneTrust Vendor Risk Management platform and data mapping, companies sustain an up-to-date data map and automate alerts and actions.
May 07, 20194 min read
Privacy & Data Governance
Ready to become an expert? Everything you need to know about OneTrust’s PrivacyTech Expert Certification
Find out everything you need to know about the OneTrust Expert Certification training at OneTrust PrivacyTech 2019.
May 01, 20193 min read
Privacy Management
Privacy, the new global trade war: Part 3
As with any trade war, the primary victims are the individuals and businesses needing to adapt to the ever-changing patchwork of global privacy requirements.
March 18, 20196 min read
Privacy & Data Governance
OneTrust acquires DataGuidance!
Today OneTrust announced it has acquired DataGuidance, a leading, in-depth and up-to-date privacy and security regulatory research platform.
March 10, 20193 min read
Privacy & Data Governance
The importance of the CCPA Look Back requirement and what it means for your organization
The CCPA will take effect on January 1, 2020. Read the blog to learn more about the importance of the CCPA look back requirement.
March 07, 20194 min read
Third-Party Risk
The next evolution of Third-Party Risk Management is here with OneTrust’s Vendorpedia
Scale your third-party risk program with pre-populated privacy and security profiles on over 6,000 third-party vendors in OneTrust's Vendorpedia.
March 03, 20193 min read
Privacy Management
Privacy, the new global trade war: Part 1
The GDPR's extra-territorial scope is a big step in escalating the global shift towards digital protectionism and even stoking a global trade war.
February 25, 20196 min read
Privacy & Data Governance
CA Attorney General holds public forums on the CCPA: what you need to know
In partnership with the Department of Justice, the California Attorney General has scheduled several public forums to get feedback and opinions on the CCPA.
February 13, 20193 min read
GRC & Security Assurance
Incident & Breach Management – How can software help?
Here is a summary of the practical incident & breach management challenges and how software can help you to successfully tackle them.
February 11, 20196 min read
Privacy & Data Governance
OneTrust and Adobe team up for data privacy day
OneTrust for Adobe Experience Platform Launch and Adobe Experience Platform Mobile SDK integration will link OneTrust's mobile app records of consent.
January 28, 20192 min read
Privacy & Data Governance
Enable your Privacy and Security teams to work together with OneTrust for ServiceNow
OneTrust and ServiceNow, a cloud-based platform with solutions that deliver digital workflows to unlock productivity, will launch OneTrust for ServiceNow.
January 16, 20192 min read
Privacy & Data Governance
OneTrust expands presence into Australia and New Zealand with new Melbourne Office and Integrated ANZ Privacy Laws
OneTrust expanded support and resources for the Australia and New Zealand markets and integrated ANZ privacy laws into our privacy management platform.
August 18, 20182 min read
Privacy & Data Governance
What is the Brazil General Data Protection Law (LGPD)?
On August 14, 2018, the Brazilian president sanctioned the Brazil General Data Protection Law (LGPD). Read the blog to learn more.
July 20, 20185 min read
Consent & Preferences
OneTrust integrates Mobile App Consent solution into the OneTrust platform
OneTrust Mobile App Consent lets companies show user consent on mobile apps, allowing them to demonstrate compliance with global privacy regulations.
July 18, 20182 min read
Cookie Consent
OneTrust updates Cookie Consent solution with detailed records of user consent
We've added a new detailed Records of User Consent feature to the OneTrust Cookie Consent Tool, and customers will now have detailed records of consent.
June 28, 20182 min read
Third-Party Risk
OneTrust wins Risk Management Software of the Year at the 2018 FStech Awards
The FStech Awards selected OneTrust as Risk Management Software of the Year in 2018. Thank you to the FStech Awards for this incredible honor
April 25, 20182 min read
Privacy & Data Governance
The Article 29 Working Party issues revised guidelines on transparency
The WP29 has determined controllers should take to being transparent while embedding fairness and accountability into their transparency measures.
April 20, 20187 min read
OneTrust wins big at RSA Conference #RSAC
OneTrust Wins Big at the RSA Conference, including CEO Kabir Barday being named the Privacy Expert of the Year (Editor's Choice) for his innovation.
April 18, 20182 min read
Third-Party Risk
OneTrust joins the cloud security alliance
OneTrust joins the Cloud Security Alliance or CSA, a global leader in secure cloud computing, to simplify vendor risk management for GDPR compliance.
April 16, 20182 min read
Privacy & Data Governance
OneTrust adds Adobe Cloud Extension to help marketers with global privacy compliance
At the Adobe Digital Marketing Summit, OneTrust announced a new privacy management platform extension for Launch by Adobe.
March 27, 20182 min read
Privacy & Data Governance
WP29 publishes revised guidelines on personal data breach notification under GDPR
In October 2017, the Article 29 Working Party (WP29) issued guidelines on personal data breach notification under GDPR, which were submitted for public comment.
March 07, 20183 min read
Consent & Preferences
New OneTrust platform simplifies compliance challenges for marketers
OneTrust Simplifies GDPR Compliance for Marketers with Launch of Universal Consent and Preference Management Platform.
March 06, 20182 min read
Privacy & Data Governance
WP29 issues revised guidelines on Data Protection Impact Assessment (DPIA)
In 2017, WP29 Issues Revised Guidelines on DPIAs and whether processing is "likely to result in a high risk" per Reg. 2016/679.
October 18, 20176 min read
Privacy & Data Governance
OneTrust Data Subject Access Request (DSAR) portal simplifies GDPR Compliance
OneTrust launched the first-to-market DSAR portal, allowing data subjects to submit requests directly to organizations that process their data.
October 17, 20172 min read
Privacy & Data Governance
Irish High Court: Validity of the standard contractual clauses to be decided by the ECJ
The Irish High Court found that the Irish Data Protection Commissioner raised well-founded concerns about the validity of SCCS.
October 09, 20174 min read
Privacy & Data Governance
New suite of privacy management questionnaire templates available at OneTrust
OneTrust Announces EU Regulator Guidance-Based Privacy Templates for GDPR Compliance with a new suite of questionnaire templates.
September 06, 20172 min read
Privacy & Data Governance
Belgian DPA publishes template for Article 30 records
Belgian DPA publishes template for Article 30 Records in French and Dutch only, but you can attain an unofficial English translation in this blog.
September 05, 20172 min read
GRC & Security Assurance
CNIL publishes guidance on Incident management and notification
CNIL Publishes Guidance on Incident Management and Notification for GDPR on the notification of security incidents to regulatory authorities.
August 10, 20173 min read
Privacy & Data Governance
UK government publishes statement of Intent for new Data Protection Bill
UK Government publishes a statement of intent for a new Data Protection Bill to strengthen data protection laws in the UK and align with GDPR.
August 09, 20174 min read
Privacy & Data Governance
After reference by Article 29 Working Party, ISO publishes ISO/IEC 29134:2017
After Reference by Article 29 Working Party, International Organization for Standardization (ISO) publishes ISO/IEC 29134:2017 framework guidelines for PIA.
July 19, 20172 min read
Privacy & Data Governance
German DPA releases english translation of the Standard Data Protection Model
German DPA released an English translation of the Standard Data Protection Model (SDM), which addresses GDPR data protection goals.
May 12, 20172 min read
Privacy & Data Governance
Article 29 working party (WP29) guidelines on Data Protection Impact Assessments
Working Party 29 adopts guidelines on DPIA's and determining whether processing is "likely to result in a high risk" for the purposes of the GDPR.
April 14, 20176 min read
Cookie Consent
Nobody likes cookie pop-ups: Browser-based consent and the ePrivacy regulation
Nobody Likes Cookie Pop-Ups: Browser-Based Consent and the ePrivacy Regulation. Article 10 discusses the role browsers play in obtaining cookie consent.
February 22, 20176 min read
Privacy & Data Governance
Belgian DPA seeks public comments on DPIA draft recommendation
The Belgian DPA issues a draft recommendation and launched a public consultation to obtain input from stakeholders about DPIA obligations.
January 12, 20174 min read
Cookie Consent
GDPR compliance means cookie notices must change
GDPR Compliance Means Cookie Notices Must Change. You probably ticked the cookie law box ages ago and haven't thought about it since.
November 30, 20164 min read
Privacy & Data Governance
How GDPR applies to charities and NPOs
How GDPR Applies to Charities and Non-Profit Organizations... they're just as obligated as any other EU company to comply with GDPR.
September 29, 20163 min read
Privacy & Data Governance
OneTrust listed in three independent 2016 Gartner Hype Cycle assessments
Industry analyst firm Gartner, Inc. listed OneTrust in the category of Privacy Management Tools in three independent 2016 Hype Cycle industry assessments.
September 27, 20163 min read
Privacy & Data Governance
Concept of a Privacy Threshold Assessment
Concept of a Privacy Threshold Assessment (or Analysis). They're important, but they aren't the only evaluations necessary for an organization.
September 26, 20162 min read
Cookie Consent
OneTrust acquires Optanon, website auditing and cookie compliance solution
OneTrust Acquires Leading Website Auditing and Cookie Compliance Solution. Expands International Presence with Optanon acquisition.
September 12, 20163 min read
ESG Program Management
How to Build Your UK Net Zero Transition Plan
What does the UK Net Zero Transition plan mean for your organization? Learn more about how you can take action to drive consistent ESG reporting standards.