Case study: Mazars cybersecurity: data privacy a national, commercial mortgage provider – California Consumer Privacy Act
Data privacy: commercial mortgage provider
A leading commercial real estate firm that sells, finances, and services commercial real estate processed personal data as part of its core business. Because some of their operations were under the jurisdiction of California, they wanted to understand their risk exposure from the CCPA and to define a clear plan to execute mitigate associated risk.
Existing challenges included:
- A clear understanding of CCPA requirements as they pertained to their operations
- Any gaps in compliance
- Obligations related to third-party contracts
How Mazars helped:
We assembled a team of skilled privacy professionals who were experienced in privacy program management, data protection impact assessments, and regulatory compliance. They worked with:
Risk compliance and control leadership, gaining an understanding of CCPA risks and developing a strategy to improve security and privacy controls
- Reviewed existing policies, controls, and the ability to demonstrate compliance against CCPA requirements.
- Conducted an initial Data Privacy Program Assessment to determine the current state against CCPA requirements.
- Conducted workshops with stakeholders covering privacy, validating current operational maturity, and building consensus on possible solutions.
- Delivered the risk assessment, tactical action, and overall roadmap to implement policies and controls to improve data privacy operations and CCPA compliance
- An improved approach to data subject right response
- Increased understanding of privacy requirements and improved third party contract negotiations
- A clear plan on how to increase CCPA compliance
Visit our dedicated CCPA compliance page for further details or request to meet with our experts to discuss your compliance readiness.