Case study: Mazars cybersecurity: data privacy a national, commercial mortgage provider – California Consumer Privacy Act

InsightsCase studies

Data privacy: commercial mortgage provider

Mazars cybersecurity: data privacy a national, commercial mortgage provider – California Consumer Privacy Act

Challenge:

A leading commercial real estate firm that sells, finances, and services commercial real estate processed personal data as part of its core business. Because some of their operations were under the jurisdiction of California, they wanted to understand their risk exposure from the CCPA and to define a clear plan to execute mitigate associated risk.

Existing challenges included:

  • A clear understanding of CCPA requirements as they pertained to their operations
  • Any gaps in compliance
  • The completeness of their customer-facing privacy policy
  • Obligations related to third-party contracts

How Mazars helped:

We assembled a team of skilled privacy professionals who were experienced in privacy program management, data protection impact assessments, and regulatory compliance. They worked with:

Risk compliance and control leadership, gaining an understanding of CCPA risks and developing a strategy to improve security and privacy controls

Approach:

  • Reviewed existing policies, controls, and the ability to demonstrate compliance against CCPA requirements.
  • Conducted an initial Data Privacy Program Assessment to determine the current state against CCPA requirements.
  • Conducted workshops with stakeholders covering privacy, validating current operational maturity, and building consensus on possible solutions.
  • Delivered the risk assessment, tactical action, and overall roadmap to implement policies and controls to improve data privacy operations and CCPA compliance

Results:

  • An improved approach to data subject right response
  • Increased understanding of privacy requirements and improved third party contract negotiations
  • A clear plan on how to increase CCPA compliance

Visit our dedicated CCPA compliance page for further details or request to meet with our specialists to discuss your compliance readiness.

The information provided here is for general guidance only, and does not constitute the provision of tax advice, accounting services, investment advice, legal advice, or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal or other competent advisers.

Contact us

+1 212 375 6510
Meet our local team
Discover our locations
Or use our contact form