Blog
Maryland’s Online Data Privacy Act (MODPA) key rules & requirements
Maryland has become part of the growing wave of U.S. states adopting comprehensive privacy laws.
Harry Chambers
Regulatory Content Strategist
October 6, 2025
Maryland has become part of the growing wave of U.S. states adopting comprehensive privacy laws with the Maryland Online Data Privacy Act (MODPA). Enacted in 2024, it took effect on October 1, 2025, but the law will not apply to processing activities that occurred before April 1, 2026. This gap gives organizations a short transition period, but preparation should begin well before those dates.
It introduces stricter rules than many existing state laws, with an approach to sensitive data, consumer rights, and algorithmic decision-making that creates a distinct compliance burden. Organizations must adapt policies, technical controls, and processes to align with Maryland’s specific expectations, which often go beyond what other state frameworks currently require.
By setting a higher bar in areas such as the prohibition of sensitive data sales and the obligations tied to automated decision-making, Maryland signals how state-level privacy rules are evolving. Businesses, nonprofits, and regulators worldwide are watching how these requirements will influence future standards.
Scope and applicability: Who must comply
MODPA’s scope is broad, and it applies to a wide range of organizations operating in Maryland. Two primary thresholds determine whether an entity falls under its obligations:
- Data volume: Organizations that process the personal data of at least 35,000 consumers in a calendar year must comply. Importantly, this number excludes payment transaction data, which narrows the threshold slightly.
- Revenue from data sales: Organizations that earn revenue from selling the personal data of at least 10,000 consumers must also comply, if those sales represent 20% or more of total gross revenue.
This scope captures a broad range of entities, including many mid-sized businesses that may not fall under other state privacy laws. A key differentiator is Maryland’s treatment of nonprofits. Unlike many other states that broadly exempt nonprofit organizations, MODPA applies to them with very narrow exceptions. Only first responder organizations, or nonprofits that process personal data solely to assist law enforcement with investigating crimes or fraudulent insurance activity, are carved out. This means many nonprofits will be subject to the same obligations as for-profit companies.
Maryland also uses “personal data” instead of “personal information” and defines “sale” broadly to include exchanges for monetary or other valuable consideration. This mirrors trends in other states but still expands the number of data transactions captured under the definition.
By expanding the scope in this way, Maryland is making it clear that MODPA is not limited to big tech players or consumer data brokers. The law extends to any organization meeting the thresholds, regardless of size or sector, and places responsibility for compliance squarely on them.
Key requirements: Sensitive data, consumer rights, and automated decision-making
One of the most notable elements of MODPA is its treatment of sensitive data. Sensitive data includes genetic, biometric, health, precise geolocation, and children’s information. Organizations may only collect, process, or share sensitive data when it is strictly necessary to provide or maintain a product or service the consumer has requested. The law prohibits the sale of sensitive data entirely, and importantly, consent does not override this prohibition. This restriction marks a significant departure from most state laws, which allow the sale of sensitive data with consumer consent.
MODPA also introduces a full suite of consumer rights, giving individuals strong control over their personal data. These rights include:
- The right to be informed about data processing activities.
- The right to confirm whether personal data is being processed.
- The right to access, correct, and delete personal data, subject to certain legal retention rules.
- The right to data portability.
- The right to opt out of sales, targeted advertising, and profiling.
When it comes to profiling, Maryland narrows the scope to decisions made solely by automated means that have legal or similarly significant effects, such as lending or hiring. This distinction highlights the state’s concern about algorithmic fairness and accountability.
Consent plays a central role. Organizations must obtain opt-in consent for further processing beyond the original purpose and for handling sensitive data. Consumers must be able to withdraw consent easily, and organizations must honor withdrawal requests within 30 days.
MODPA also requires transparency around data sharing. Consumers can ask organizations to provide the categories of third parties that received their data. They may also appoint a representative to exercise rights on their behalf.
By aligning consumer rights with broader state trends while layering stricter conditions on sensitive data and profiling, Maryland is advancing a more consumer-centric privacy model that demands careful operational planning.
Organizational obligations and enforcement
MODPA goes beyond granting rights. It imposes obligations on controllers and processors that demand changes to privacy operations. Controllers must implement reasonable security measures, conduct risk assessments, and publish clear privacy notices. Notices must explicitly state whether personal data will be sold or shared and explain how consumers can exercise opt-out rights. These disclosures must be clear, prominent, and written in straightforward language.
Data protection assessments are required for processing representing a heightened risk of harm to consumers, including sales of personal data, targeted advertising, and profiling. A unique aspect of MODPA is its explicit requirement to address algorithms in an assessment, underscoring the state’s focus on automated decision-making.
At the same time, processors also have obligations tofollow controller instructions, maintain security, stop processing when directed, and support compliance efforts, including consumer rights requests.
Enforcement sits with the Maryland Attorney General. Organizations receive 60 days to cure violations once notified, which is longer than the cure periods in some states. Penalties reach up to $10,000 for a first violation and up to $25,000 for each subsequent violation. Consumers do not have a private right of action under MODPA, meaning they cannot bring lawsuits directly. This leaves enforcement entirely in the hands of the state.
The law’s delayed application to pre-April 2026 processing activities provides organizations with a brief window to get systems in place. But delaying compliance preparation risks creating a bottleneck as the effective date approaches.
Preparing for compliance: Practical steps for organizations
Maryland’s approach to sensitive data, consumer rights, and automated decision-making makes MODPA stand out among state privacy laws. Preparing for compliance involves three key steps:
- Inventory data with a focus on sensitive categories
Build a clear picture of what personal data you process and whether any of it qualifies as sensitive under MODPA’s definition. Pay attention to biometric, health, and geolocation data in particular. - Evaluate automated decision-making systems
Assess how algorithms are being used, especially in decisions with legal or significant effects. Incorporate these systems into data protection assessments to meet MODPA’s specific requirements. - Review consent mechanisms and notices
Ensure consumers have clear and easy ways to opt in for sensitive data and to withdraw consent. Update privacy notices so they provide transparency in plain language, particularly around sales and targeted advertising. - Strengthen risk assessment and security practices
Prepare to conduct thorough assessments for processing activities starting October 1, 2025. Reinforce security controls to meet the expectation of “reasonable” protection. - Engage nonprofit stakeholders
Nonprofit organizations that previously assumed exemptions under other laws should reexamine their practices. MODPA’s narrow nonprofit carve-out means compliance may now apply.
The dual dates of October 2025 and April 2026 require careful attention. Enforcement begins in October, but processing activities prior to April 2026 are not covered. Organizations should use this window to update systems and processes, but they should not view it as extra time to delay action. The sooner preparation begins, the smoother compliance will be when the law takes full effect.
Moving forward
MODPA reflects the trajectory of U.S. state privacy laws toward more rigorous protections, particularly for sensitive data and automated decision-making as well as setting a higher bar of privacy accountability.
Managing compliance with laws like MODPA will take more than manual processes. OneTrust helps privacy teams automate data subject rights, build accurate data inventories, and integrate privacy by design into daily operations. With automation, organizations can respond quickly to regulatory change, reduce the burden of repetitive tasks, and maintain a clear line of accountability.
To explore how OneTrust can support your privacy program as MODPA approaches, request a demo to see the platform in action.
Key questions about MODPA
The Maryland Online Data Privacy Act (MODPA) is a comprehensive state privacy law adopted in 2024. It took effect on October 1, 2025, with application beginning April 1, 2026. The law creates obligations for organizations processing personal data and grants Maryland consumers extensive rights, with special restrictions on sensitive data and automated decision-making.
MODPA applies to organizations that process the personal data of at least 35,000 consumers annually (excluding payment data) or that derive 20% or more of their gross revenue from selling the data of at least 10,000 consumers. Nonprofits are largely included, with narrow exceptions for first responders and organizations supporting law enforcement fraud investigations.
MODPA sets stricter requirements than many state laws. Sensitive data, such as biometric, genetic, health, precise geolocation, and children’s information, may only be processed when strictly necessary to deliver a service requested by the consumer. The sale of sensitive data is prohibited outright, and consent does not override this ban.
Organizations should begin with a thorough inventory of data, paying close attention to sensitive categories. They should conduct risk assessments that include profiling and algorithmic decision-making and update privacy notices, consent mechanisms, and workflows to reflect MODPA’s requirements. Early action ensures smoother compliance and reduces the risk of penalties.
You may also like
Webinar
Privacy Automation
Turning regulatory change into action with DataGuidance & Copilot
Discover how OneTrust DataGuidance and Copilot turn global privacy regulations into actionable workflows, helping teams stay compliant efficiently.
November 13, 2025
Webinar
AI Governance
Navigating AI governance: Privacy compliance under Philippine law
Join this webinar to learn how the Philippines is activley sharing its AI Governance framework, with new guidelines from the NPC and updates to the DPA that impact how organisations deploy and manage AI systems.
November 06, 2025
Webinar
Privacy Automation
Managing data privacy and cybersecurity in insurance
Discover how insurers can navigate global privacy laws and cybersecurity mandates. Learn strategies for AI risk, third-party oversight, and data governance to build a resilient, privacy-first insurance organization.
November 06, 2025
Webinar
Privacy Automation
Navigating the cybersecurity threat landscape: Legal and compliance perspectives for financial services firms
As financial services firms across Europe and the U.S. face an increasingly complex cyber threat environment, legal and compliance leaders are at the forefront of managing risk, regulatory obligations, and incident response.
November 04, 2025
Webinar
Privacy Automation
End-to-end automation for DSRs & privacy incidents
Learn how OneTrust automates DSRs and privacy incident management to reduce risk, accelerate responses, and scale privacy operations.
October 23, 2025
Webinar
Privacy Automation
Global regulatory update: Q4 2025 privacy & data trends
Stay ahead of privacy and data protection in Q4 2025. Join OneTrust’s live update covering US state laws, EU AI Act readiness, children’s data, cross-border transfers, DORA, APAC trends, and key enforcement actions.
October 14, 2025
Webinar
Privacy Automation
Automating your privacy map and risk workflows
Learn how privacy teams automate data mapping, vendor risk, DPAs, and privacy impact assessments with OneTrust.
October 02, 2025
Checklist
Privacy Automation
Financial services privacy readiness checklist
Download the Financial Services Privacy Readiness Checklist to address evolving regulations, strengthen customer trust, and govern AI risks with a clear, structured privacy approach.
September 25, 2025
Webinar
Privacy Automation
State spotlight: Navigating the new Maryland & Minnesota privacy laws
Explore Minnesota & Maryland’s new privacy laws. Learn how automation helps teams stay compliant, efficient & audit-ready in 2025’s evolving landscape.
September 18, 2025
eBook
Privacy Automation
Malaysia PDPA Amendment Act: Essential compliance handbook for privacy professionals
Download your guide to Malaysia’s PDPA 2024 amendments: key changes, compliance steps, penalties, and tools to build a future-ready privacy program.
September 05, 2025
Webinar
Privacy Automation
From compliance to scale: Real-world lessons in privacy automation
Discover expert insights on scaling privacy automation, overcoming common challenges, and using AI to boost efficiency—perfect for privacy programs at any maturity stage.
September 03, 2025
Webinar
Privacy Automation
Moving from risk to revenue: Consent management with OneTrust and Hightouch
Unlock revenue and customer trust. Learn how OneTrust + Hightouch activate consented data to power compliant, personalized marketing at scale.
August 13, 2025
Webinar
Privacy Automation
Scaling privacy in financial services: Navigating regulation, consumer trust, and AI
Join privacy and risk experts from OneTrust and KPMG as they break down the critical trends shaping the future of privacy in financial services—and how leading institutions are responding.
August 12, 2025
Webinar
Privacy Automation
CCPA developments & trends in 2025
Join us for an insightful webinar as we delve into privacy developments in California in 2025, and learn how California privacy legislation shapes up against a developing privacy landscape across the US with privacy law amendments and data privacy rules, including trends in enforcement.
August 12, 2025
Webinar
AI Governance
Agentic AI: Navigating the tension between privacy and the next generation of AI
Explore the value, risks, and privacy implications of AI agents. Learn how they work, common myths, blind spots, and key concerns for privacy professionals.
July 25, 2025
Webinar
Privacy Automation
Optimize privacy operations: Scale and manage risks effectively
This session will explore strategies for scaling privacy automation and risk management as well as overcoming compliance and automation challenges.
July 17, 2025
Webinar
Privacy Management
OneTrust Using OneTrust: Managing data privacy
Learn how how our Privacy department leverages OneTrust's tools to automate privacy workflows, ensuring compliance and efficiency.
July 16, 2025
On-Demand
Privacy Automation
Global regulatory update: 2025 privacy trends & what to watch next
Join OneTrust for a live mid-year update on the key privacy trends and regulatory shifts defining 2025. With intelligence from OneTrust DataGuidance, you’ll walk away with a clear view of where regulation is heading and how to stay ahead in a year of constant change.
July 09, 2025
On-Demand
Privacy Automation
Navigating EO 14117: A roadmap for compliance and risk mitigation
Join experts from OneTrust, KPMG, and Hogan Lovells for a timely webinar designed to help you navigate the complexities of Executive Order 14117 and the DOJ’s recent guidance.
July 08, 2025
Webinar
Privacy Automation
Strengthen your privacy & AI governance strategy with OneTrust DataGuidance
In this live demo, learn how OneTrust DataGuidance helps you reduce research time, minimize external counsel costs, and confidently meet global compliance requirements at scale.
June 30, 2025
Infographic
Privacy Automation
Philippines' PDPA compliance: What you need to know
The Philippines' Personal Data Protection Act was established to uphold the right to privacy and ensure organizations manage personal data with care, transparency, and accountability.
June 27, 2025
Webinar
AI Governance
Bringing privacy to the AI table with data protection by design
Join our webinar to see how privacy professionals are embedding compliance and trust into AI governance programs from the start.
June 24, 2025
Webinar
Privacy Automation
Automating privacy touchpoints: Notices, consent, and DSRs made easy
Join us and learn how to simplify and scale privacy compliance by automating key consumer touchpoints.
June 12, 2025
Webinar
Privacy Automation
Live demo: Scale privacy with automation
Join our live demo and see how OneTrust Privacy Automation empowers privacy teams to simplify compliance, reduce manual work, and scale programs efficiently.
May 29, 2025
Webinar
Privacy Management
Celebrating the GDPR's 7th anniversary
Join us as we celebrate the GDPR's 7th anniversay and discuss the landmark's privacy law's milestones and compliance challenges.
May 28, 2025
eBook
Third-Party Risk
Data privacy compliance and Third-Party Risk Management: A unified approach
These days, organizations are required to safeguard their customer data and comply with privacy regulations — a task that becomes even more challenging with the increase in third-party relationships.
May 23, 2025
eBook
Privacy Automation
Simplifying Philippines PDPA compliance: A practical guide for privacy professionals
Learn what the Philippines' PDPA requires and get practical steps to build a scalable, privacy-forward compliance program.
May 15, 2025
Webinar
Privacy Automation
Streamlining compliance: Best practices for privacy automation
Join our webinar as we explore best practices for streamlining compliance through automation, enhancing efficiency and reducing manual effort.
May 13, 2025
Webinar
Privacy Automation
Scaling privacy: Inside OneTrust’s AI agents and automation
Learn how OneTrust's latest AI innovations, including Privacy AI Agents, are enabling privacy teams to govern effectively and move quickly.
May 01, 2025
Webinar
Privacy Automation
Driving value through automation: Practical steps to scale your privacy program
Learn how to transition from compliance to scalable automation, enhancing efficiency, reducing risks, and improving compliance outcomes.
April 24, 2025
White Paper
Responsible AI
You can’t scale privacy without AI: Welcome to the new era of privacy management
Learn how AI agents are transforming privacy operations. Helping teams scale compliance, reduce manual work, and lead with confidence.
April 23, 2025
Webinar
Privacy Automation
Laying the foundation: The why and how of privacy automation
Join our webinar as we introduce the Data Privacy Maturity Model, explaining its importance in identifying where your organization stands today and how to strategically advance.
April 17, 2025
Webinar
Privacy Management
NIS2 in practice: Implementation of technical measures
Join experts from Sidley Austin LLP and ENISA for a webinar on the practical implementation of NIS2 technical measures. Gain insights on compliance, technical strategies, and the latest EU legislation to strengthen your NIS2 readiness.
March 20, 2025
Webinar
Privacy Management
Privacy roadmap 2025: What organizations need to prioritize
Join our webinar, Privacy Roadmap 2025 – What Organizations Need to Prioritize, to explore key privacy trends, regulatory updates, and AI governance challenges
March 04, 2025
Webinar
Privacy Automation
Turn compliance into your competitive edge with Privacy Automation
This webinar explores the evolving privacy landscape, the future of compliance, and real-world examples of effective privacy automation.
February 27, 2025
Webinar
Privacy Automation
Navigating the FTC's amended COPPA Rule: Key updates and compliance strategies
This webinar covers key updates to the FTC's amended COPPA Rule. Learn revised privacy notice requirements, verifiable parental consent, governance protocols, and best practices for data retention.
February 25, 2025
Webinar
Privacy Automation
Live demo: OneTrust Data & AI Governance
Register for this 30-minute live demonstration to see how a data steward and an AI product owner use OneTrust Data & AI Governance.
February 25, 2025
Interactive Tool
Privacy Automation
OneTrust data privacy maturity self-assessment
Gauge the maturity of your privacy program and identify areas of improvement to further mature your privacy operations.
February 18, 2025
Webinar
Privacy Automation
IAPP hosted webinar: Discovering the ROI of Privacy Automation
Discover how OneTrust Privacy Automation transforms privacy programs from compliance-focused to strategic assets. Learn how automation maximizes ROI, boosts efficiency, mitigates privacy risks, and drives competitive advantage.
February 06, 2025
Webinar
Privacy Management
APAC Data Privacy Day 2025
Join us for a special Data Privacy Daty 2025 webinar as we look back on 2024's data protection and privacy trends across Asia Pacific and Japan (APAC), as well as what to expect in the region for 2025.
January 30, 2025
Webinar
Privacy Automation
OneTrust in Action: Building Seamless and Trusted User Journeys - Live Demo
Learn how to streamline data privacy compliance with OneTrust Consent & Preferences. Build trust, enhance user experience, and align with global regulations through user-driven consent management.
January 29, 2025
Webinar
Privacy Management
2024 to 2025: Preparing for the next wave of privacy regulations
Prepare for 2025's privacy changes with this recap webinar on 2024's regulations and explore upcoming laws, trends, and compliance strategies.
January 23, 2025
eBook
Privacy Management
Your Data Privacy Day handbook
This guide give you a range of information and resources to raise privacy awareness this Data Privacy Day.
January 21, 2025
Webinar
AI Governance
Overcoming the privacy pitfalls of GenAI (APAC)
Join us and learn about the data privacy risks of adopting GenAI and practical strategies on avoiding them.
January 08, 2025
Webinar
Privacy Management
Top 10 privacy moments that shaped 2024
In this webinar, DataGuidance privacy analysts will review of privacy enforcement trends in 2024, explore global AI regulations, including the EU AI Act, and discuss global privacy legislation developments in 2024.
December 19, 2024
Webinar
Privacy Management
Emerging privacy laws in the Northeast: Key insights and compliance strategies
Join our webinar to explore key 2025 data privacy laws in the Northeast US, including New Jersey’s Senate Bill 332, New Hampshire Senate Bill 255, and Rhode Island's Data Data Transparency and Privacy Protection Act.
December 18, 2024
Infographic
Consent & Preferences
Deliver hyper-personalized experiences with a privacy-first approach to first-party data
Download our infographic to earn how to navigate new privacy laws and deprecating cookies with Adobe CDP and OneTrust.
December 18, 2024
Webinar
Privacy Automation
Redefining privacy as a business asset: The value of Privacy Automation
This webinar will explore how OneTrust Privacy Automation transforms privacy programs into proactive, business-aligned functions that enhance decision-making and accountability.
December 17, 2024
Webinar
Cookie Consent
How to handle opt-outs for tracking pixels under Australian privacy law
Join our webinar to learn how to master consent management and handle opt-outs for tracking pixels.
December 12, 2024
Infographic
Privacy Automation
GDPR: Dos and don'ts
Navigating GDPR compliance can feel daunting, especially for businesses with limited resources. This quick infographic guide of actionable “dos” and “don’ts” will help you develop the foundation of a broader privacy-first approach that keeps you aligned with your GDPR compliance goals.
December 10, 2024
Report
Privacy Automation
Defining a new direction for data
As AI continues to offer unparalleled opportunities for business innovation, it also presents risks that organizations must tackle head-on through scalable governance programs that span multiple data sources. Six key trends are defining these challenges.
November 13, 2024
Webinar
Privacy Automation
From request to resolution: Simplifying DSRs with automation
Learn how OneTrust's Data Subject Rights (DSR) Automation solution can automate DSRs from intake through fulfillment including ID verification, data detection and deletion, redaction, and secure response.
November 06, 2024
Webinar
Privacy Automation
Explore the future of regulatory intelligence: A DataGuidance demo
In this live demo webinar, we will showcase the advancements in regulatory intelligence embedded within the DataGuidance platform, which offers comprehensive and updated regulatory research across 300+ jurisdictions.
October 29, 2024
Webinar
Privacy Automation
Privacy beyond compliance: Driving business value through responsible data use
Learn how to evolve your privacy program beyond compliance and drive business value through the responsible use of data.
October 24, 2024
Webinar
Privacy Automation
Tackling your key challenges from the ICO Data Protection Practitioner's Conference
Following this year’s ICO Data Protection Privacy Conference, we’re bringing together a panel of leading privacy and data governance experts from the OneTrust Chapter Chair Community to address your most pressing questions.
October 23, 2024
Webinar
Privacy Automation
Build resiliency and operationalize compliance with OneTrust: Fall product release recap, 2024
Join our upcoming product release webinar to explore how these new capabilities can help your organization navigate complex frameworks, streamline third-party management, and accelerate AI and data innovation.
October 22, 2024
Video
Privacy Automation
Transforming data privacy and governance with OneTrust and Snowflake
OneTrust’s privacy platform, powered by Snowflake, ensures secure data sharing and governance, helping organizations manage privacy without compromising collaboration.
October 18, 2024
Webinar
Privacy Automation
Privacy automation 101: Simplifying data mapping and risk assessments
Join this webinar to learn how OneTrust helps you automate Data Mapping and Privacy Risk Assessments and how to overcome maintenance challenges.
September 25, 2024
Report
Privacy Automation
Discover the economic benefits of OneTrust
Download this 2024 Forrester Consulting Total Economic Impact™ study to see how OneTrust has helped organizations navigate data management complexities, generate significant ROI, and enable the responsible use of data and AI.
September 24, 2024
Report
Privacy Automation
Proven ROI with OneTrust
Learn how a composite organization achieved a 227% return on investment over 3 years and payback in just 7 months by leveraging OneTrust to streamline privacy, data governance, and consent management.
September 24, 2024
Webinar
Privacy Automation
Global regulatory update: Recent privacy developments and compliance trends
Join us for a webinar on the latest updates and emerging trends in global privacy regulations.
September 12, 2024
Webinar
Privacy Management
OneTrust Live: Unlocking the power of automation for privacy programs
Join us for a live demo where we will discuss the advanced capabilities of OneTrust solutions in data privacy enforcement, first-party data collection, and AI innovation.
August 21, 2024
Webinar
Privacy Management
CPRA in action: OneTrust Live Demo
Join us for a deep dive tour of our suite of technology solutions for operationalizing and automating CPRA requirements across Do Not Share, Consumer Rights and privacy governance operations.
August 01, 2024
Webinar
Responsible AI
Privacy and AI: Bridging the divide
Watch this webinar for insights on ensuring responsible data use while building effective AI and privacy programs.
July 31, 2024
eBook
Privacy Automation
Moving through the Data Privacy Maturity Model
Explore the Data Privacy Maturity Model to evolve your data privacy program from compliance-focused to a strategic, value-driven framework.
July 29, 2024
Webinar
Technology Risk & Compliance
Introducing OneTrust Compliance Automation
Join us as we explore OneTrust Compliance Automation, a holistic and fully integrated solution that streamlines and optimizes workflows, compliance, and attestation.
July 25, 2024
Webinar
Privacy Management
Going beyond CCPA
Join us for an in-depth webinar on "Going Beyond CCPA," where we will explore the intricacies of privacy laws, compare major regulations, and provide guidance on enhancing your privacy policy.
July 25, 2024
Webinar
Privacy Management
The evolution of CCPA
Join us for an insightful webinar on "The Evolution of CCPA" where we will delve into the latest amendments, understand their impact, and explore the new requirements and implications for businesses.
July 18, 2024
Webinar
Privacy Management
Mastering data privacy: Navigating CCPA, CPRA, and beyond
Mastering Data Privacy: Expert Guidance on CCPA, CPRA, GDPR Compliance, Privacy Policy Best Practices, and Live Demo Insights
July 18, 2024
Webinar
Privacy Management
OneTrust Live: Complying with US Privacy Laws Effective July 2024
Join us on July 17th for a live demo of OneTrust's solutions, providing you with practical tools and strategies to ensure your organization is compliant with both new and existing data privacy laws in the US.
July 17, 2024
Webinar
Privacy Management
OneTrust Live: Revolutionizing Your Data Strategy with Enhanced Privacy and AI
Join us for a live demo showcasing the cutting-edge capabilities of OneTrust solutions in the realms of data privacy enforcement, first-party data collection, and AI innovation.
June 12, 2024
Webinar
Privacy Management
From legislation to operation: How to prepare for the new wave of US Privacy laws
Prepare your organization for the new wave of US privacy laws.
June 06, 2024
eBook
Privacy Management
Understanding data transfers under the GDPR ebook
In the ebook, we delve into the fallout from Schrems II and explore how organizations based in Europe can best navigate international data transfers under the GDPR.
June 05, 2024
Webinar
Privacy Management
Preparing for a new regulation: Lesson learned from the GDPR businesses can apply to the EU AI act?
Join our panel of experts as we celebrate GDPR Anniversary and take a closer look at the relationship between the GDPR and AI Act.
May 23, 2024
Webinar
Privacy Management
DSAR Product Demo with Data Privacy Group
Join our webinar to learn the practical tips and use cases for automating DSAR requests.
May 21, 2024
Webinar
GRC & Security Assurance
Empowering your cyber defense: Key insights into the latest NIST CSF update with PwC
Join this webinar with OneTrust and PwC and gain insights into the upcoming NIST CSF update and learn how to effectively deploy it across your organization.
May 08, 2024
Webinar
Privacy Management
Best practices for managing employee DSARs in the EU and UK
In this webinar, our panel of experts will explore best practices for managing common complexities experienced when managing DSARs in the EU and UK.
May 08, 2024
Webinar
Privacy Management
Federal US privacy bill on the horizon? Exploring the draft APRA & new state privacy legislation
Join OneTrust DataGuidance and expert contributors for an overview of the Kentucky Consumer Privacy Act (KCPA), Maryland's Senate Bill 0541, and the draft American Privacy Rights Act and explore how a federal bill could shape the US privacy landscape.
April 23, 2024
Video
Privacy Management
Navigating the data lifecycle with OneTrust Privacy & Data Governance
Explore how OneTrust solutions help you navigate the information lifecycle, ensure compliance, mitigate risks, and enhance data governance practices.
April 22, 2024
Webinar
Privacy Management
April Privacy & Data Governance Cloud demo webinar
See how OneTrust's Privacy & Data Governance Cloud operationalizes regulatory compliance and helps ensure privacy and responsible data use.
April 17, 2024
Webinar
Privacy Management
Spring into action! Navigating CPRA: Ensuring compliance and protecting privacy
Join us for an interactive webinar we dive into the CPRA, which will go into force on March 29th.
March 21, 2024
Webinar
Privacy Management
Navigating data privacy in 2024: Global regulatory updates & compliance strategies
Join our webinar for a comprehensive overview of the latest global data privacy regulations and updates impacting businesses in 2024 and how to prepare.
March 20, 2024
eBook
Privacy Management
Preparing to self-certify with the EU-US DPF
The EU-US DPF represents an important mechanism for US-based companies to lawfully transfer personal data form the EU to the US. Use this eBook to learn more about how to self-certify with the framework and its seven core principles.
March 07, 2024
Webinar
AI Governance
Revisiting IAPP DPI Conference – Key global trends and their impact on the UK
Join OneTrust and PA Consulting as they discuss key global trends and their impact on the UK, reflecting on the topics from IAPP DPI London.
March 06, 2024
Webinar
Technology Risk & Compliance
PCI DSS Compliance: How to scope and streamline monitoring with Certification Automation
Join our PCI DSS webinar where we discuss how Certification Automation can help free up valuable InfoSec resources, streamline audits, and stay continuously compliant.
March 05, 2024
eBook
Privacy Management
Quebec's Law 25: What the CPO wants the CTO to know
Quebec’s Law 25 is a major legislative development in Canadian privacy that will have a significant effect on IT systems. Learn more about what the CPO wants the CTO to know.
February 26, 2024
AI Governance
Catch it Live: See the All-New Features in OneTrust's Winter Release
See the latest OneTrust platform features that improve on customers' ability to build trust, ensure compliance, and manage risk.
February 22, 2024
Data Sheet
Privacy Automation
An overview of the Data Privacy Maturity Model
Data privacy is evolving from a regulatory compliance initiative to a customer trust imperative. This data sheet outlines the four stages of the Data Privacy Maturity Model to help you navigate this shift.
February 05, 2024
Webinar
Privacy Automation
Embedding Privacy by Design through PIA Automation
Join us for a webinar on Embedding Privacy by Design through PIA Automation.
January 11, 2024
Webinar
Privacy Management
Automating fulfillment of subject rights requests in the US
Learn how Privacy Rights Automation helps to fully automate privacy rights requests.
December 06, 2023
Webinar
Privacy Management
Live Demo: How to holistically manage data transfers and data sharing requirements
Live demo of the OneTrust Privacy Cloud, exploring how to manage Data Transfers, perform TIAs, and enforce consumer opt-out of the sale/share of personal data.
December 05, 2023
Webinar
Privacy Management
December's deadline: Ensuring compliance with Utah's privacy regulation
Join us for a webinar as we explore the impending implementation of the Utah Privacy Law, set to take effect on December 31, 2023.
November 14, 2023
Webinar
Privacy Management
Managing data transfers within the UK & EU
Join our experts as we discuss ways to effectively manage data transfers between the UK & EU while staying compliant with the latest privacy regulations.
October 31, 2023
Webinar
Privacy Management
Embedding privacy by design to enforce responsible use of data
In this webinar, we explore the latest in Privacy by Design standards and how to effectively manage the balance between Privacy and Data Governance.
October 18, 2023
Webinar
Privacy Management
Privacy in practice: DSAR with PA Consulting
Join OneTrust and PA Consulting as we deep dive into the latest ICO requirements on SARs, handling DSARs, and the benefits of automation.
September 28, 2023
Webinar
Privacy Management
Privacy in practice: PIA & DPIA with PA Consulting
Join OneTrust and PA Consulting as we discuss what makes an effective PIA, best practices, and the benefits of automation.
September 21, 2023
Webinar
Privacy Management
The road to privacy compliance: A spotlight on Oregon & Delaware legislation
We explore the new Oregon and Delaware privacy laws, how they differ from other US privacy laws, and what they mean for your business.
September 14, 2023
Webinar
Privacy & Data Governance
Privacy in practice for data mapping: With PA Consulting and Syngenta
Join OneTrust and panelists from PA Consulting and Syngenta as we explore practical ways to build an effective data mapping program, best practices, and the need for automation.
September 14, 2023
Webinar
Governance & Policy Management
EU-US DPF: What next for UK businesses?
Join our expert webinar as we discuss the upcoming UK-US DPF Extension and what UK businesses need to prepare to become DPF-certified.
September 06, 2023
Infographic
Privacy Automation
The ROI of privacy notice management infographic
Download this infographic and see the ROI benefits of privacy notice management automation with OneTrust Privacy Notice Management.
September 05, 2023
Webinar
Privacy Management
August Privacy & Data Governance Cloud Demo Webinar
See how OneTrust's Privacy & Data Governance Cloud operationalizes regulatory compliance and helps ensure privacy and responsible data use.
August 16, 2023
Blog
Privacy Management
The road to 50 states: Delaware and Oregon join the US privacy landscape
Get in-depth analysis on two upcoming US Privacy laws, the Oregon Consumer Privacy Act (OCPA) and the Delaware Personal Data Privacy Act (DPDPA), with OneTrust DataGuidence and a panel of experts.
August 10, 2023
Resource Kit
Technology Risk & Compliance
PCI DSS essentials: A resource collection for compliance
Achieve PCI DSS standard compliance with our comprehsive guide to safeguarding your organization's payment card data.
August 09, 2023
Webinar
Privacy Management
Managing data transfers
Register for this free webinar to learn how to effectively manage international data transfers in the wake of Schrems II.
July 18, 2023
Webinar
Responsible AI
Unpacking the EU AI Act and its impact on the UK
Prepare your business for EU AI Act and its impact on the UK with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.
July 12, 2023
Data Sheet
Technology Risk & Compliance
Certification Automation: Managing PCI DSS compliance
See how OneTrust Certification Automation streamlines PCI DSS compliance by identifying controls and requirements with automation.
July 05, 2023
Webinar
Privacy Management
Unpacking the EU-US DPF
In this webinar, we cover the new EU-US Data Privacy Framework (EU-US DPF) and what privacy program managers need to know for post-Schrems II data transfers.
June 28, 2023
Webinar
Privacy Management
New states, new dates: Preparing for Indiana, Montana, Tennessee and Florida state privacy laws
Join our expert panel where we examine upcoming privacy legislation in Indiana, Montana, Tennessee, and Florida and the key requirements of each law.
June 20, 2023
Webinar
Privacy Automation
US privacy laws on the horizon: Which states will be next?
Join our live webinar as OneTrust DataGuidence and privacy experts examine new privacy legislation in Indiana, Montana, Tennessee, Florida, and Texas.
June 15, 2023
Webinar
Privacy Management
Staying compliant: How to manage data transfers around the globe
In this webinar, we look at the subject of internation data transfers and how to effectively navigate regional laws and mitigate the risk of non-compliance.
June 06, 2023
Infographic
Privacy Automation
The ROI of DSAR automation
Learn how DSAR automation streamlines privacy rights requests and saves your organization time and resources.
June 01, 2023
eBook
Privacy Management
Connecticut Data Privacy Act law book
Get the complete text of the Connecticut Data Privacy Act (CTDPA) for your reference.
May 30, 2023
Webinar
Privacy Management
Saudi Arabia's PDPL latest amendments: Are you ready?
Join OneTrust and Deloitte Middle East as we cover the latest changes to Saudia Arabia's Personal Data Protection Law (PDPL) and what it means for organizations in the KSA region.
May 30, 2023
Infographic
Privacy & Data Governance
The 3 priorities of the French DPO: Gain visibility, take action, automate
Download our infographic and learn about the 3 priorities of the French DPO.
May 30, 2023
Webinar
Privacy Management
GDPR turns 5: Celebrating data protection
Northern Europe panel - Join our panel of experts as they recap the GDPR, its key concepts, and what it means for organizations and compliance.
May 25, 2023
Webinar
Privacy Management
Global Panel — GDPR & Tech: Key considerations of Privacy by Design and AI in tech
Join our panel of experts as we discuss the impact GDPR had on the tech industry during the past five years, the importance of privacy by design, and what to expect with AI and regulation.
May 25, 2023
Webinar
Privacy & Data Governance
Global Panel — GDPR & Healthcare: current regulatory guidance and enforcement
In this live webinar, our expert panel examines the first five years of the GDPR, how it changed the healthcare industry, and the changing global regulatory landscape.
May 24, 2023
Infographic
Privacy Management
Comparing the FADP, Revised FADP, and the GDPR
Download our infographic to see how the Revised FADP compares with its original version and the GDPR.
May 23, 2023
Webinar
Privacy Management
Global Panel — GDPR & Retail: building customer loyalty and trust with consent and privacy
Join us for a live panel as we discuss GDPR's impact on the retail and eCommerce industry and how companies evolved to meet the global regulatory landscape.
May 23, 2023
eBook
Privacy Management
Getting started with GDPR compliance
This eBook covers the fundamental information you need to know in order to get your GDPR compliance program started and how OneTrust helps.
May 23, 2023
Webinar
Privacy Management
Global Panel — GDPR & Finance: Staying ahead of the regulatory and cyber landscape
How has the GDPR affected the financial industry? Join our live panel as we examine how it companies evolved to meet the regulatory challenges and what can be done to stay ahead of the curve.
May 22, 2023
Webinar
Privacy & Data Governance
Operationalizing the Iowa Consumer Data Protection Act
Join the Privacy experts at OneTrust for an update on the new law and learn key requirements of Iowa’s new privacy law and more.
May 16, 2023
Webinar
Privacy Automation
Bridging borders: How to manage international data transfers
This session will cover the regulatory landscape, TIA guidance, and mitigation measures for international data transfers in the wake of the Schrems II case.
April 19, 2023 1 min read
Webinar
Privacy Automation
OneTrust and Deloitte UK - Data transfers: Assessments & safeguards
OneTrust's Center of Excellence and Deloitte UK will discuss data transfers and GDPR compliance, covering the UK stance, ICO/EDBP guidance, and more.
April 04, 2023 1 min read
Webinar
Privacy Automation
Privacy by design becomes an ISO standard: What you need to know and how to implement for your business
Get an overview of ISO 31700, learn considerations for implementing a PbD framework for your organization, and a look at our Privacy by Design solutions.
February 16, 2023
Webinar
Privacy Automation
US Privacy Masterclass - Employee rights fulfilment
Learn the steps you can take to boost employee trust in compliance with US Privacy Laws in our US Privacy Masterclass on Employee Rights Fulfilment.
February 07, 2023
Webinar
Privacy Automation
US Privacy Masterclass - Consumer rights & opt-outs
Join us in our US Privacy Masterclass as we delve into the evolving US privacy landscape and how you can build a trust-based privacy program in 2023.
February 07, 2023
Webinar
Privacy Automation
US privacy masterclass - retention & minimization
Our US Privacy Masterclass on Retention & Minimization will help you understand data policy requirements across US Privacy Laws.
February 06, 2023
Webinar
Privacy Automation
US privacy masterclass - risk and DPIAs
Join us in our US Privacy Masterclass on Risk and DPIAs to understand the operational components for risk assessments/data protection assessments.
February 06, 2023
Webinar
Privacy Automation
Minimization, retention, and purpose-limitation: evolving privacy to data governance webinar
In this webinar, OneTrust Privacy experts discuss requirements and best practices for governing personal and sensitive data under US state privacy laws.
January 17, 2023 1 min read
Webinar
Privacy Automation
DSARS: Utilising privacy automation to build a measurable ROI program
We’ll discuss three facets of this problem, such as how to discover, classify and automate your data processes to streamline records of processing activities.
December 07, 2022
Webinar
Privacy Automation
Minimization, retention, and purpose-limitation: Evolving privacy to data governance
Join this OneTrust webinar to gain insight into how to operationalize and automate retention and minimization requirements.
November 22, 2022
Webinar
Privacy Automation
Privacy and trust as a strategic imperative webinar
Learn how to go beyond privacy compliance and embrace a data-centric approach to privacy automation and the importance of first-party data collection.
November 18, 2022
Webinar
Data Discovery & Classification
Mitigating US privacy risk to control your organization’s attack surface
In this session, we'll discuss how the requirements under upcoming US Privacy laws create an opportunity for businesses to embed privacy by default.
November 17, 2022
Webinar
Privacy Automation
Live demo: Get to know the OneTrust Privacy & Data Governance Cloud
Join a live demo of OneTrust’s Privacy & Data Governance Cloud and discover how to operationalize regulatory compliance and enable trusted data use.
October 25, 2022
Webinar
Privacy Automation
Putting the impact in PIAs webinar
Watch this webinar to get an overview of how PIAs fit into the Privacy by Design philosophy and gain insight into what an effective PIA looks like.
October 25, 2022
Webinar
Privacy Automation
Establishing and enforcing retention policies
In this webinar, we will cover data policy requirements across the EU and discuss steps to automate data policy management and operational considerations.
September 05, 2022
Webinar
Privacy Automation
Don’t just document it, enforce it. Embedding privacy by design into cloud migrations
Learn how businesses can implement governance policies like retention, minimization, and open access through integrating technologies to minimize risks.
September 05, 2022
Webinar
Privacy Automation
UK panel: Automating the classification and mapping of sensitive data
Join us for this live panel to learn how privacy, security, and data governance professionals can mature their programs beyond tick-the-box compliance activities
May 18, 2022
Webinar
Privacy Automation
UK panel: How to automate retention policies
Join this live interactive panel to learn how to automatically document, flag violations & enforce retention policies across IT assets.
May 18, 2022
Webinar
Privacy Automation
OneTrust and Microsoft come together to automate employee rights requests
Join OneTrust and Microsoft in this webinar where we discuss our automated tool for processesing DSAR requests.
May 11, 2022
eBook
Privacy Automation
The ultimate guide to privacy program automation
Download our guide and learn how automation allows teams to address broader aspects of their privacy programs such as DSARs, incident management, and more.
April 26, 2022
eBook
Privacy & Data Governance
The Ultimate Guide to Privacy Program Automation eBook
Our Ultimate Guide to Privacy Program Automation eBook teaches how automation can help streamline your privacy and governance compliance efforts.
April 26, 2022
Webinar
Privacy Management
Scaling records of processing with Data Mapping Automation
Discover how automated data mapping increases data accuracy and gives insight into your systems.
April 19, 2022
Webinar
Privacy Automation
From data compliance to data intelligence
Learn how you can take the first steps towards data intelligence and advance your privacy program to the next phase of automation and maturity.
February 18, 2022
Infographic
Privacy Automation
4 steps for automating your privacy platform
Automate your privacy program and reduce manual inefficiencies
January 13, 2022
Checklist
Privacy Automation
Automate your privacy program
Download the checklist and discover the steps you can take to automate critical processes across your privacy program.
December 01, 2021
White Paper
Privacy Automation
Mastering PIAs & DPIAs: A complete handbook for privacy experts
Unlock the full potential of your privacy program with our complete handbook designed to equip privacy professionals with the essential tools and knowledge for establishing robust PIA and DPIA processes.
July 22, 2021
Video
Consent & Preferences
OneTrust Consent & Preference Management demo
Watch this demo video to learn how OneTrust Consent and Preference Management Cloud streamlines the consent lifecycle and accelerates fulfillment.
October 24, 2020
Webinar
Privacy Management
Navigating Canadian consumer rights requests
Join our webinar to learn how to effectively manage DSARs and comply with Quebec's Law 25, ensuring your organization meets customer and regulatory expectations.
Demo
Privacy Automation
Privacy Automation demo
Automate DSR fulfillment, track regulations, maintain an evergreen data map, and so much more — all in one powerful privacy solution.
Webinar
Privacy Automation
PIA and DPIA demo webinar with Data Privacy Group
Join our webinar to learn the benefits of automating your PIAs and DPIAs using the OneTrust platform
Webinar
Privacy Management
Privacy in Practice with PA Consulting
Join OneTrust and expert speakers from PA Consulting for a webinar series discussing the need-to-knows for creating a successful privacy management program in your organization.