Overview
At OneTrust, I led the end-to-end design of an AI-powered Auto Redaction feature to help enterprises automatically detect and redact sensitive personal data across various document types. This feature became critical in streamlining compliance workflows for global privacy regulations like GDPR and CCPA.
Role
Sole Product Designer ( 0→1 )
Duration
8 Weeks
Team
1 UX Designers, 1 PM, 4 Engineers
Problems
Companies are required by law (like GDPR/CCPA) to remove sensitive info (e.g. names, emails, IDs) from documents before sharing them externally. OneTrust experimented an AI tool to do this automatically, but users didn’t trust it. A single mistake could expose private data or block important content, so users kept manually checking every file, which defeated the purpose of automation.
I never know if I can trust the automation, so I end up rechecking everything manually.
Data Privacy Officer
Opportunity
How might we help users trust automated redaction enough to confidently share sensitive documents, without needing to manually recheck everything?
Solutions
Turning what used to be a black box
into a clear, navigable checklist
To help users quickly understand what the AI detected, and where to focus, I designed a left-hand panel that groups redacted data into risk levels: Critical, Sensitive, and Possibly Sensitive. Each group shows how many items were found, so users can triage at a glance and jump directly to what matters most. It’s a simple, structured way to review large volumes of data without feeling overwhelmed,
Showing exactly what the AI redacted and why
To help users trust AI redaction, we made it clear and interactive. With one click, users can see why something was flagged, view the original text, check confidence scores, and jump between matches. They can adjust how it looks and choose to update one or all. It’s fast, flexible redaction with full visibility and control.
Multi-level Redaction Control
We made redaction flexible by supporting three levels: word, section, and full page. Users can quickly remove a single name or ID, redact a full paragraph, or hide an entire page when needed. This gave the privacy teams the control to be precise when it matters, and fast when it doesn’t.
Clone Copy
Impact
Since launch, we’ve seen exponential growth in adoption across enterprise customers. Auto Redaction became a key driver in scaling OneTrust’s privacy offering, helping teams automate sensitive data removal with speed and confidence.
That said, we’re far from done. My team and I continue to iterate on the experience, focusing on performance, accuracy, and expanding capabilities across more document types and workflows this year.
70%
Engagement Rate Increase
60%
Exporting redacted documents without making manual changes
500+
Increased enterprise accounts
since launch
OneTrust
SaaS
Desktop
Auto Redaction for Data Privacy Compliance
Empowering privacy teams to automate sensitive data removal at scale
