L&G
Automating data privacy to drive trust and operational excellence
Tags
As digital threats grow, the pressure to safeguard sensitive customer data with speed and precision has intensified. Legal & General (L&G), a leading financial services group, set out to elevate its privacy capabilities – not as a compliance checkbox, but as a foundation for customer trust and business resilience.
In partnership with us and OneTrust – a leading provider of privacy, data governance, and compliance solutions – we helped L&G deploy a centralised data privacy automation platform that streamlines operations, enhances oversight, and protects customer data across its global footprint.
Thanks to the platform, initial results point to a 30-50 percent efficiency gain in day-to-day operations.
Safeguarding trust in a fragmented data landscape
With a portfolio spanning every stage of life, L&G plays a critical role in protecting financial wellbeing. Today, the organisation supports over 10 million customers worldwide through savings, retirement, and life insurance solutions.
It manages vast volumes of sensitive customer data – medical history, income, and personal circumstances – that demand rigorous protection. With four distinct business divisions operating under separate leadership, L&G’s data is naturally fragmented, making oversight and consistency a challenge. To stay ahead of evolving threats, L&G asked us and OneTrust to help modernise, automate, and centralise its privacy operations.
We recognised the power of automation and wanted to move quickly to harness it. By partnering with PA and OneTrust to centralise privacy management, we are reinforcing the protection our customers count on every day.”
Reframing privacy as a strategic business enabler
As a OneTrust Trusted Partner and long-standing collaborator with L&G, we were uniquely positioned to bring its vision for next-level data privacy to life. By combining deep expertise in privacy, cyber security, innovation, and technology, we empowered teams to safeguard customer data and elevate privacy into a strategic business asset.
PA’s deep understanding of L&G’s business and privacy priorities, paired with their sector expertise and collaborative approach, made them the ideal partner. They didn’t just advise; they helped us simplify complexity, unlock opportunity, and deliver with assurance.”
Embedding automation for scalable privacy management
Our first objective was to harness OneTrust’s platform to automate key tasks, including risk management, breach handling, assessments, and data subject requests. Success relied not only on configuration but on embedding the platform into L&G’s ways of working to enable a unified, scalable approach.
To truly understand data privacy across L&G’s UK operations, we engaged all 17 business areas. Together, we mapped procedures, surfaced local nuances, and uncovered barriers to alignment. These insights formed the backbone of a strategic design framework that guided the platform build.
Working closely with OneTrust, our experts tailored the platform through precise configurations and seamless integration with L&G’s business-critical tools. We then piloted the platform to give users hands-on access to test functionality and provide feedback, ensuring the solution reflected real-world needs before finalising the MVP.
The pilot was critical in proving that the platform could deliver tangible value across the UK business. By ensuring robustness and readiness upfront, we gave L&G the conviction to scale without risking disruption or inefficiency.”
Consolidating complex data for seamless migration
Next, we focused on data migration to ensure accuracy and continuity ahead of launch. The quality and structure of data were essential, requiring precise mapping to meet OneTrust’s specifications. We gathered data from all business areas and aligned it into a single, unified template.
Our team led design workshops, where we mapped over 250,000 entries and thousands of PDF attachment. We introduced a short freeze window to ensure seamless operations, enabling L&G to launch its OneTrust solution with live data from day one.
Equipping users for confident adoption at scale
With migration complete, we delivered tailored training to ensure readiness across the organisation. Sessions were designed for specific user groups, from platform users to assessment teams, and were reinforced by how-to guides for easy reference.
We knew training couldn’t be a one-off exercise. After go-live, we kept momentum through show-and-tell sessions and train-the-trainer formats, ensuring users felt supported embedding the platform into their daily workflows.”
Unlocking impact with smarter privacy operations
Today, L&G’s centralised privacy platform supports 150 users, transforming how teams manage breaches, data subject requests, and assessments in the UK. By eliminating resource-heavy processes and harmonising workflows, it has significantly improved day-to-day operations, with early results showing a 30-50 percent efficiency gain.
Customers are also benefiting, with faster access to their data via a public-facing portal and fewer manual interactions, improving transparency and reinforcing trust in L&G’s commitment to protecting personal information.
PA and OneTrust delivered more than a technology upgrade – they laid the foundation for deeper automation and future innovation. With a resilient platform in place, we’re equipped to move forward with confidence in the face of rising threats.”
Explore more
