Skip to navigation | Skip to main content | Skip to footer
Search the University of Manchester siteSearch Menu StaffNet
Search type

Launch of OneTrust - simplifying GDPR compliance

05 Aug 2019

Making it quicker, simpler and easier for staff to comply with the General Data Protection Regulation and manage information risk

Working with GDPR

Today we launch OneTrust, a new online system that will help simplify General Data Protection Regulation (GDPR) compliance by making it easier to record and track risks relating to information management. 

What do I need to know?

  1. The Information Governance Risk Review (IGRR) and Information Governance checklist forms will be replaced with an online assessment in OneTrust. If you are involved in the procurement or development of a new IT system, you’re making changes to an existing IT system, or you are involved in a non-IT-related project or activity that involves collecting, using or sharing, information or data (whether it’s personal data or not) you must complete the IGRR online assessment. 
  2. Staff responsible for information stores (i.e. where information is held/stored) and information processing activities (e.g. obtaining, recording, holding, altering, disclosing, destroying information) will be notified to review and update their records in OneTrust.
  3. Staff responsible for managing information risks relating to information assets or processing activities will track and record risks and mitigation in OneTrust. 
  4. Anyone involved in a GDPR information rights request, will use OneTrust to respond to the University’s Information Governance Office (IGO), and each request will be managed and tracked in OneTrust.

How do I find out more?

The IGO are holding briefing sessions over the coming months. Places are available to book and more sessions will be added shortly. 

More information