OneTrust and IAPP launch consent and data rights platform

OneTrust, a provider of enterprise privacy management software, together with and the International Association of Privacy Professionals (IAPP) have launched an updated Consent and Data Subject Rights Platform.

Available for IAPP members, the platform features solutions to support compliance with data protection regulations, including the GDPR and the ePrivacy Directive.

GDPR and ePrivacy overlap to create specific operational requirements for organisations to manage and validate consent preferences, facilitate data subject requests, as well as generate demonstrable record keeping in the event of a regulatory audit.

The IAPP-OneTrust Platform claims to simplify regulatory challenges and helps organisations embed privacy management within their business structure. It provides enables website owners to obtain and manage consent, as well as capture, manage, and communicate responses to data subject requests.

“The launch of the IAPP-OneTrust Consent and Data Subject Rights Platform emphasizes our unique leadership position in the market and capability to deliver comprehensive and cost-effective solutions at all price points,” said OneTrust CEO Kabir Barday. “As GDPR approaches, marketing teams are accelerating their implementation plans for compliance, and having a simple approach to consent management and subject rights management on B2B and B2C websites is key. We are pleased to make these key privacy enabling technologies available to IAPP members.”

IAPP and OneTrust’s platform offers consent management, website tracker scanning, subject rights management portal, privacy impact assessment automation platform, and a data mapping automation platform (for Art. 30 Records of Processing).

OneTrust’s privacy management software is used by more than 1,500 organisations to comply with data privacy regulations across sectors and jurisdictions, including the EU GDPR and ePrivacy (Cookie Law). Its software is deployed in an EU cloud or on-premise, and is based on a combination of intelligent scanning, regulator guidance-based questionnaires, and automated workflows.

These are used together to automatically generate the record keeping required for an organisation to demonstrate compliance to regulators and auditors.

With offices in London and Atlanta, helps organisations implement GDPR requirements, including: data protection by design (PbD), data protection impact assessments (PIA / DPIA), vendor risk management, incident and breach management, records of processing (data mapping), universal consent and preference management, ePrivacy cookie consent, data subject access, portability, and right to be forgotten.

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.