A global pharmaceutical company needed to mature its privacy operations by revamping its data inventory and standardizing how Data Subject Requests were managed through the customization of their new privacy tool, OneTrust.
Existing processes were manual and inconsistent across regions, making it difficult to maintain accuracy and compliance with global privacy regulations. Our team collaborated with various client stakeholders to have a better understanding of their challenges and help design a program aligned with their operational needs and capabilities offered by OneTrust.
our approacH:
To address the client’s challenges, Myna:
- Conducted discovery workshops with key project stakeholders to document the client’s data flows and evaluate the current DSR practices.
- Designed and configured a Data Mapping Questionnaire template to populate and reassess processing activities, as well as provided guidance on Data Mapping methodologies and inventories.
- Built automation rules, workflows, and reassessment cadences within the OneTrust Data Mapping module.
- Developed and implemented external facing Data Subject Request webforms across several jurisdictions.
- Created customized workflows, subtasks, and response templates to streamline DSR intake through fulfilment.
- Delivered design documentation, training sessions, and user guides to support long-term sustainability.
Program Outcomes
- Established a centralized data inventory with automated assessments and clearly defined business process owners.
- Streamlined DSR intake through standardized webforms with predefined workflows, subtasks, and automated response templates.
- Built custom dashboards to simplify reporting and support compliance requirements.
- Strengthened privacy operations by improving processes and significantly reducing manual effort across privacy programs.
