OneTrust Allocates $300M To Automate Data Compliance And Governance
OneTrust, Atlanta-based data privacy and marketing solutions company, on December 21 said that it raised about $300 million from its $5.1 billion valuation. The firm confirmed that the funding round will be put toward product R&D as it aims to expand its marketing, sales, and engineering teams globally.
Around 64% of the respondents globally believe that adhering to compliance needs is a “very” or “extremely” effective strategy of keeping data secure, according to a Thales report. Nonetheless, compliance is considerably expensive.
A 2017 PricewaterhouseCoopers survey of executives at UK, US, and Japanese tech firms discovered that most of them spend millions on security. According to the survey, 88% of the companies planned to spend more than $1 million preparing for the European Union’s General Data Protection Regulation (GDPR) before its full implementation in May 2018. Among them, 40% said that they expected to spend at least $10 million.
A former BlackRock developer, Kabir Barday, anticipated the almost $51.5B compliance management market’s surge in 2016. He launched OneTrust together with co-chair Alan Dabbiere who is also the co-founder of AirWatch and Manhattan Associates. Barday was an early AirWatch employee that raised $200M in 2013 before Vmware bought it for $1.5 billion.
OneTrust raised $200M in a Series A funding round last July at a whopping $1.3 billion valuation. That is a valuation the company doubled to $2.7 billion in February 2020. The latest cash infusion comes after about a year, at a time when OneTrust increased its client base to over 7,000 organizations across 100 countries, up from 3,000 as of July 2019.
Notably, the company’s 3-year growth is 48,000% which makes it the fastest-growing company on Inc. magazine’s Inc. 500.
Almost 50% of the Fortune 500 firms now use its product suite, according to Barday. Some of the notable brands using their services include Tealium, Okta, Salesforce, Aetna, Randstad, Steelcase, 21st Century Fox, Adobe, Akamai, Criteo, Vevo, Oracle, Marketo, and Kickstarter.
OneTrust Offers Solutions
The company offers a privacy management program that enables firms to comply with the California Consumer Privacy Act (CCPA), the GDPR, and many other global privacy laws by using automation tools and research portals. It secures and streamlines all intake and fulfillment of consumer and subject rights requests and enables users to benchmark against their competitors.
The platform maps inventory records of processing and generating custom reports as data flows through their organization. But, OneTrust DataGuidance enables admins to search across at least 10,000 associated templates, extensive resources, and guidance case law. These resources are developed and contributed by a network of at least 500 lawyers together with 20 in-house legal researchers.
Also, admins can look up people’s data across on-premise systems and cloud networks while maintaining security standards that offer data redaction, review, and approval workflows.
On the other hand, OneTrust’s complementary PreferenceChoice tool lets firms to attract and grow opt-in demand while remaining entirely compliant. The tool surveys sites and creates consent and preference banners while drawing on Cookiepedia, a database of at least 7 million pre-categorized tracking cookies. It also incorporates business apps for access, portability, and deletion, while integrating a centralized preference center that has detailed consent records.
Turning attention to the third-party risk side of the equation, OneTrust’s Vendorpedia comes in handy. It assesses all direct suppliers, services, IT and non-IT vendors, franchisees and retailers, agents, legal organizations, and contractors with risk mitigation workflows and continuous monitoring.
It starts by prepopulating privacy and security data on thousands of vendors around the world, each of them with information at the service and product level. Using the tool, managers can create automated rules to trigger some reassessments or get alerts whenever enforcement actions happen.
Users can scour certificates, contracts, and documentation for critical terms using Vendorpedia and develop audit-ready reports with interactive dashboards and risk views. Furthermore, they can link vendors to effective IT systems and business processes with data mapping and inventory; eventually including the context in different vendor risks.
The company’s ever-growing Databreachpedia global law engine enables it to respond to breaches and incidents automatically. Customers can use an OneTrust dashboard to track any breaches and response progress. Through the same dashboard, they will guarantee that their team adheres to all notification deadlines and in some cases drill down to secluded incidents to review additional details.
This same dashboard can automatically flag risks during incident assessments and investigations. It recommends mitigation steps subject to regulatory guidance from hundreds of privacy laws.
Company Growth And Development
OneTrust launched Athena in 2020 to remain afloat and stay ahead of its competitors. By description, Athena is an Artificial Intelligence and robotic automation engine that blends seamlessly into OneTrust’s platform. After taking over Integris, OneTrust rolled out DataDiscovery, the new data governance and guidance, privacy, and ethics products.
DataDiscovery is a data discovery and classification solution that comes with free tools to automate CCPA and GDPR compliance programs. OneTrust operates from London but has offices in Bangalore, Munich, Hong Kong, San Francisco, New York, and Bangkok. The company employs at least 1,500 people worldwide.
Recently, the company also opened a data center in France with a dedicated team of local marketing and privacy experts. Moments before that, it introduced new operations in Brazil with hosting options and extensive support for Brazilian Portuguese and many other languages.
So far, OneTrust has raised at least $710 million in funding and allocated $300 million of that to the automation of data governance and compliance.