skip to main content


Today, OneTrust is focused on helping the enterprise manage not only the requirements of GDPR, but a global privacy program that necessitates the coordination of various regional data protection regulations and policies.


  • GDPR is not an anomaly, but rather the first domino to fall in a global trend of data protection regulations and directives. The global enterprise must increasingly meet the compliance requirements of not only one regulation, but many; regional variations necessitate an integrated privacy program rather than siloed point solutions.
  • Enterprise technology purchasing behavior has shifted in the wake of the GDPR deadline. Whereas purchases prior to the deadline were often narrow in scope and focused on meeting granular requirements, purchases today are focused more on integration capabilities and broad privacy management functionality agnostic to any particular regulation.
  • OneTrust takes a process-oriented approach to privacy management that codifies and facilitates the human workflows and tasks associated with data protection. Because the product integrates with existing IT investments and is agnostic to specific regulations, it provides a flexible platform that can adapt to the evolving compliance landscape.

Features and Benefits

  • Evaluates the global data privacy regulatory landscape, and explains why a GDPR-specific approach to data protection and privacy is not sustainable or scalable.
  • Identifies the purpose of an enterprise global privacy management program, and examines the role of technology solutions in achieving data privacy compliance.
  • Compares the enterprise technology purchasing and procurement behavior before and after the GDPR deadline, and interprets the shift in strategic motives for this change.
  • Identifies key product capabilities and core competencies of the OneTrust suite of modular, integrated data privacy management products.
  • Evaluates OneTrust's business strategy and value proposition in the scope of the global data privacy regulatory landscape, following the passing of the GDPR deadline.

Key questions answered

  • What are the key business drivers for data privacy management following the passing of the GDPR deadline?
  • Why does the enterprise need to architect a global data privacy management program, and what does such a program entail?
  • How have enterprise strategy and technology purchasing behaviors shifted since the passing of the GDPR deadline?
  • How does OneTrust differentiate itself from purpose-built compliance point solutions, and how does it facilitate the process management required for coordination of a global privacy program?
  • Why are OneTrust's business strategy and value proposition ultimately strengthened, rather than weakened, by the passing of the GDPR deadline?

Table of contents

Ovum view

  • Summary
  • GDPR is the first domino to fall in global data protection
  • Global privacy management programs take center stage
  • OneTrust's capabilities provide global privacy management


  • Further reading
  • Author