This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Drata Chooses DataGrail to Automate and Scale its Data Privacy Program


Drata is a security and compliance automation company whose proprietary platform continuously monitors and collects evidence of clients’ security controls, all while streamlining compliance workflows to ensure audit readiness.

Founded: 2020
Industry: Compliance and Security
Location: San Diego, California
The Challenge

Automating the identification and cataloging of customer information across databases

Drata offers its customers an automated path to security compliance and centers its partnership strategy around companies that share this focus on automation.

Drata struggled to provide this transparency to its customers because its Data Subject Request (DSR) and data mapping processes were manual. This was not only time-consuming but also increased risk due to human error (there were 10+ people involved in responding to one DSR) and due to lack of visibility into all connected data systems – and the specific personal information that lived in those systems. Without visibility into its own data and systems, it was impossible for Drata to be transparent with its customers.

In order to improve trust with its customer base, Drata needed a tool that would make it easy for customers to submit DSR requests and for Drata to manage these incoming requests quickly and efficiently. They also needed to be able to automatically identify, catalog, and track customer information across its CRM and INRATA databases. This visibility would allow Drata to provide more transparency to its customers about the data they had. And with automated processes to manage customer data, could quickly provide the data to the customer or delete it upon request.

After evaluating potential partners on the market, DataGrail’s automated solutions and collaborative approach to integrations were the deciding factors, leading Drata to choose DataGrail as their preferred partner.

Matt Hillary
CISO and VP of Security
The Solution

Automated data mapping and privacy request management

Drata partnered with DataGrail to continuously deliver on its commitments to customer trust and transparency. DataGrail in turn provided Drata with two key solutions:

  1. the ability to automate data mapping
  2. the management of data subject requests (DSRs).
We want to ultimately serve our end customer and DataGrail has helped us to seamlessly enact that.”
Matt Hillary
CISO and VP of Security
The Results

Collaborative integration for a seamless path to transparency

Drata’s partnership with DataGrail helped them fortify and scale their data privacy program. DataGrail automatically monitored its customer databases, enabling Drata to fulfill its commitment to the core values of trust and transparency.

DataGrail provided Drata with fast, accurate, and on-time management of DSARs, along with a clear and accurate view of all their connected systems and data that live within them. It even identified systems they didn’t know were connected (shadow IT), giving Drata a more robust view of its privacy risk – and where to prioritize taking action first.

DataGrail’s solutions have enabled Drata to redirect data requests in a faster, simpler, and more informed way. For instance, if a customer requests that Drata delete their data, Drata can automatically send that request to the data controller, who can then take immediate action on it.

Drata was also struck by how seamless it was to integrate its systems with DataGrail’s solutions. In fact, “one of the things that stood out about DataGrail,” Hilary emphasized, “was the number of integrations that it has.” DataGrail’s team worked closely with Drata on their own integration, something that the Drata team appreciated.

In addition to these technical solutions, Hilary added, “DataGrail folks are so great to work with. Everyone I’ve worked with at the company has always been extremely kind.” This added “wow” factor, he went on, only brought further confirmation that he and Drata had made the right choice: “We have an additional connection here beyond the transactional nature of using a SaaS product.” This was the differentiating factor for Drata: in DataGrail, they’d found not simply a vendor but a true partner with unrivaled expertise.

One of the things that stood out about DataGrail was the number of integrations that it has.”
Matt Hillary
CISO and VP of Security

Find out how DataGrail can
work for your business