OneTrust

OneTrust Privacy. Privacy Management Software. Operationalize Your ​Privacy Program for ​CCPA, GDPR & ​All the World's Privacy Laws​.

  • $300 – $6,500 per vulnerability
  • Safe harbor
Submit report

Version 6.32 Released!

Summary

Happy Friday, Researchers! OneTrust has released its latest version (6.32), which has provided new features to our solution for you to review and test. We have provided a list of new features that have been added along with the respective modules.

Our First-to-Find bonuses for our Featured Module are still in place.

New Features

Awareness Training

  • Users Not Enrolled Automation Rule

    Create automation rules using the Users Not Enrolled condition. This option allows you to automatically assign courses to new and existing users if they have not already completed the course.

Consent Management

  • Different Setting Options for Preference Center

    Choose between a setting switch or terms of designation using the Toggle Type selection menu on a Purpose on the Builder tab of a Preference Center page. This allows you to customize the appearance of the opt-in and opt-out options for Purposes.

  • Hide Data Elements on OneTrust Web Form Collection Points

    Hide selection type, single-select data elements on a OneTrust Web Form Collection Point using the Hide Form Field setting on the Builder tab of the OneTrust Web Form Collection Point. This allows admins to hide certain data elements that are not relevant or are already the default.

  • Manage Consent for a Data Subject from a Customer Relationship Management (CRM) Platform

    Update consent on behalf of a data subject from your CRM platform if integrated with the OneTrust application and have it recorded under the Data Subject Details screen and the Transactions screen. This allows your customer representatives to manage consent for data subjects without the need to log into the OneTrust platform.

Cookie Compliance

  • Data Subject Identifiers on the Preference Center

    Configure the display of a data subject identifier, description, and consent time stamp on the Preference Center.

Data Catalog

  • Search Using US Keyboard Special Characters in Search Strings

    Search for strings that contain US keyboard special characters in search strings. This allows you to more precisely define search criteria.

DataDiscovery

  • Enhanced Event Logs

    Search and filter a scan job's event logs for message text and date ranges for enhanced troubleshooting. These default filtering options allow users to quickly locate messages containing key text and identify logs received within a specific timeframe.

  • Job Insights Volume Scanned

    Identify the volume of data scanned during jobs in the Job Insights modal. This new Job Insights field, only available for the RDBMS, Office365, and Storage scanners, will list the current size of data retrieved so users can better understand the scan's progress and performance.

  • New Filter Criteria for Live Logs

    Search the worker node logs for status text and date ranges with newly added filter options. These default filtering options make it easier to surface log text containing INFO, WARN, and ERROR, while the date filters sort logs according to the following:

    • 6 hours ago
    • 24 hours ago
    • 3 days ago

  • New Values for Confidence Score Ranges

    Configure confidence score ranges with new values to more easily assess the classification service's accuracy during discovery review. This change to the confidence ranges allows users to define the score values for Low, Medium, High, or Very High confidence instead of percentages so they can quickly recognize the confidence of the recommended term presented during discovery review.

  • Edit System Classifier Metadata

    Edit the metadata training of system classifiers in the Details screen to account for known columns. This new configuration ability lets users add additional column values to the classifier's metadata training for improved classification labeling.

  • Criteria Conditions for Metadata Matches

    Define conditions to apply a classifier to discovered data according to the metadata match. This configuration ability allows you to create classifiers and require certain criteria for the metadata before the classifier label is applied to the discovered data.

Data Mapping

  • Add Multiple Categories or Classifications to Data Elements

    Multiple Categories or Classifications can now be added to Data Elements. This allows Data Elements to be classified based on regional laws and frameworks.

  • Deleting Attributes

    Delete attributes that are no longer necessary in the Inventory Manager. This will completely remove the attribute from your account.

Data Redaction

  • Redaction Support for PST Files

    Upload PST files to a Results Summary and take action on the required redactions before sharing files with data subjects. Due to the large sizes of PST files, the application can now split this file format into smaller segments for batch processing, which allows users to manage redactions for eligible file segments and choose specific segment(s) to be shared to the Privacy Portal.

  • Sort and Filter PST File Segments

    Organize the view of PST file segments in the Review File Segments modal according to their processing status. When the Status column header is clicked or when filters are applied, the list will sort file segments by the following values:

    • Classifying
    • Failed
    • Uploading
    • Ready for Review
    • Review in Progress
    • Reviewed
    • Redaction Not Supported
    • Redaction Ignored

  • Search, Sort, and Filter Attachments

    Locate attachments in the Results Summary with the new search bar, column sorting, and filter functionality. This enhancement allows users to match files to certain filter criteria and easily organize the list according to type, date, source, or status. When any column header is clicked, the values will organize from either alphabetical or ascending to descending.

  • Manage Redaction Preferences Checkboxes

    Choose whether default classifiers should be used to detect only, detect and redact, or not at all. This management ability allows users to decide if the included classifier labels should be applied for each new attachment upload to the Results Summary.

Enterprise Policy Management

  • Send Attestations for Standards and Procedures

    Create and send attestations to respondents for published standards and procedures. This feature allows users to acknowledge that they have read the document.

ESG Program Management

  • Create Custom Metrics

    Create custom metrics by clicking the Create Custom Metrics button on the Metrics screen. With custom metrics, you can collect and report against impactful data not tracked in existing standards and frameworks. You can also collect data points against your newly created metrics to track progress and report to your stakeholders.

Incident Response Management (Featured Module)

  • New Routing Rule Action

    Create routing rules that will assign an incident deadline when configuring workflow routing rules on the Routing Rules tab. This enhancement allows users to set a default deadline for incidents based on predefined criteria.

  • View Workflow Name in the Incident Details

    View the name of the workflow assigned to the incident on the Details tab of the Incident Details screen. With this enhancement, users can easily view and export relevant incident metadata, including the Workflow Name, directly from the incident record.

  • View Activity for Custom Attribute Options

    View the activity history of custom attribute options using the Context menu next to the option name on the Options tab of the Attribute Details screen. This feature allows users to track activity for attribute option changes for all active or inactive multi select and single select attribute options.

  • View Task Collaborators in Reports

    View task collaborators assigned to an incident task when a report is generated. This enhancement allows users to easily view all task collaborators in the custom incident and List of Incidents and Tasks reports.

Integrations

  • Multiple Emails for Failed Message Container Alerts

    Notify email recipients in bulk when a workflow fails. This notification enhancement targets all necessary stakeholders when messages are sent to the Failed Message Container for quicker resolution.

IT Risk Management

  • New Retired Control Status

    Set a control status as retired through an assessment or using the Update Status modal. With this enhancement, users can mark an outdated control as retired individually or in bulk and view the status on the Control Details tab and on reports in the Reporting module.

  • Manage Workflows in Centralized Location

    Manage risk and assessment workflows using the new Workflows menu. This feature allows users to easily configure workflows within their IT Risk Management module in a single location.

Privacy Rights (DSAR)

  • Updated Attachment Retention Page

    Utilize the updated Attachment Retention screen with updated titles, labels, and warning modal. This feature allows users to automatically delete all attachments for applicable requests after a period of time configured by the user.

  • Colorado CPA Workflow & Web Form

    Intake requests with the new Colorado CPA web form template and workflows preconfigured with fields and conditional logic to assist with these request types and to ensure user compliance.

  • Colorado CPA Response Templates

    Process requests along the new Colorado CPA workflow configured with newly seeded response templates.

Settings & Administration

  • Default Task Views

    Sort tasks in the Tasks section of the Alert Center using the following new default task views:

    • Tasks Past Due
    • Tasks Due This Week
    • Collaborative Tasks
    • All Tasks
    • My Tasks

    This feature provides the ability to quickly narrow down tasks to those relevant to your selected view.

  • Custom Task Views

    Create and save custom task views in the Tasks section of the Alert Center. With this enhancement, you can configure and organize the task details most relevant to you, save your customizations for future use, and share these custom views with other users.

  • Task Reminder Notifications

    Automatically send email notifications to users as reminders of tasks that are still outstanding using the new Task rule type available when configuring automation rules. This enhancement allows you to configure when reminder emails are sent based on the task deadline, allowing you to remind assignees and collaborators of tasks that need to be completed.

Vendor Portal

  • Trust Profile Activity Log

    Select View Activity from the Context menu in your Trust Profile to track user activity related to details, assessments, certificates, and the sharing of your Trust Profile. This allows you to see what changes were made, who made the changes, and when the changes were made.

  • Sharing Your Trust Profile

    Share a public link to your Trust Profile. This enhancement allows you to generate a publicly accessible link from your Trust Profile to share with customers and prospects and manage your shared links.

Vendor Risk Management

  • Bulk Import Custom User Type Attributes for Engagements

    Create and update user type attributes when using the Update Engagements and Create Engagements import templates. This allows you to import or make changes to custom user type attributes on multiple engagements at once.

OneTrust
OneTrust