What is our primary use case?
My main use case for OneTrust Privacy involves conducting PIAs, DPIA assessments, cookie consent integrations, web form integrations, incident management, data discovery, and data classification.
For example, in my day-to-day work, we recently conducted a privacy assessment for an organization that was trying to build their data privacy compliance around GDPR. We conducted this assessment by sending out questionnaires.
I remember one specific time when we integrated OneTrust Privacy with BigID, where we used the web form for OneTrust Privacy and integrated that with the DSAR automation module of BigID, allowing the request from the workflow or the web form to go to BigID to perform an automated DSAR.
What is most valuable?
The best features OneTrust Privacy offers are its assessment capabilities and the ability to build custom workflows.
Regarding the custom workflows, if there is a specific requirement for an organization, I can build it out on my own without needing to know any coding. This allows me to design how the request form flows, the approval mechanism, or if I want to raise a red flag.
OneTrust Privacy has positively impacted my organization by enabling us to implement different clients' data privacy programs successfully, and it is a very helpful tool for that purpose.
What needs improvement?
OneTrust Privacy can improve in the area of data discovery and classification. While it is capable in terms of assessments and similar tasks, there is room for improvement when it comes to connecting to different data sources.
I suggest that there is an area for improvement in terms of customer support. Having a direct communication channel for partners without needing ticketing would be helpful.
For how long have I used the solution?
I have been using OneTrust Privacy for more than five years.
What do I think about the stability of the solution?
OneTrust Privacy is stable.
What do I think about the scalability of the solution?
OneTrust Privacy's scalability is elastic. I have seen OneTrust Privacy handle growing data or user needs smoothly, as long as I am not running out of memory or the worker nodes. Based on whatever memory I have allocated, it can elastically extend or reduce its requirements based on the load.
Which solution did I use previously and why did I switch?
We did not really switch from a different solution before OneTrust Privacy. However, we are using BigID for a different client, so it is not a matter of switching. We offer various tools and offerings based on the client's requirements.
What was our ROI?
I have seen a return on investment as we save time for the assessments. We need fewer employees to have a privacy program built out, and in terms of automation, it also saves time.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing indicates that OneTrust Privacy is a costly tool. The setup and everything are mostly done by the vendor side.
Which other solutions did I evaluate?
Before choosing OneTrust Privacy, we evaluated other options including BigID, Securiti.ai, and Microsoft Purview.
What other advice do I have?
My advice for others looking into using OneTrust Privacy is to look at the pricing and evaluate your requirements. Based on that evaluation, purchase the necessary licenses. Also, conduct a meeting with all stakeholders beforehand to ensure you are on the right track. I gave this review a rating of seven out of ten.
