The role of privacy officer is one that is growing in importance, partly due to legislation such as the EU General Data Protection Regulation (GDPR) that stipulates the nomination of a privacy officer role with accountability specifically for data privacy.
GDPR includes data controller and processor obligations in Articles 24, 28, 29, and 46, resulting in shared liability across vendor relationships where regulated data is processed, and compliance concerns are driving organizations to institute greater contractual responsibilities and protections relating to data. OneTrust's Vendor Risk Management solution helps in the identification and management of risk from third- and fourth-party relationships, incorporating efficiency via automation and its provision of background information for compliance attestations.
