Launch of OneTrust - simplifying GDPR compliance
05 Aug 2019
Making it quicker, simpler and easier for staff to comply with the General Data Protection Regulation and manage information risk
Today we launch OneTrust, a new online system that will help simplify General Data Protection Regulation (GDPR) compliance by making it easier to record and track risks relating to information management.
What do I need to know?
- The Information Governance Risk Review (IGRR) and Information Governance checklist forms will be replaced with an online assessment in OneTrust. If you are involved in the procurement or development of a new IT system, you’re making changes to an existing IT system, or you are involved in a non-IT-related project or activity that involves collecting, using or sharing, information or data (whether it’s personal data or not) you must complete the IGRR online assessment.
- Staff responsible for information stores (i.e. where information is held/stored) and information processing activities (e.g. obtaining, recording, holding, altering, disclosing, destroying information) will be notified to review and update their records in OneTrust.
- Staff responsible for managing information risks relating to information assets or processing activities will track and record risks and mitigation in OneTrust.
- Anyone involved in a GDPR information rights request, will use OneTrust to respond to the University’s Information Governance Office (IGO), and each request will be managed and tracked in OneTrust.
How do I find out more?
The IGO are holding briefing sessions over the coming months. Places are available to book and more sessions will be added shortly.