Mazars logo Mazars logo Mazars logo The Ledger

Mazars Cybersecurity: Data Privacy

Mazars Cybersecurity: Data Privacy



April 11, 2019

The Challenge

The EU’s General Data Protection Regulation (GDPR) is a growing concern for companies doing business in Europe.

A US-based recruiting company recognized that they faced greater exposure from privacy issues due to the highly personal nature of the data they hold on job candidates. To mitigate the financial and reputational risks and potential costs of non-compliance with the GDPR, senior management issued a corporate directive for all divisions to be in compliance from organizational, technical and legal standpoints; for each group to conduct regular risk analyses of existing and anticipated processes and tools; and for each group to proactively develop recommendations to eliminate or correct any identified or potential areas of non-compliance.

Despite this mandate, most divisions remained unsure of what type of private data they collected, what processes were vulnerable, and what information was shared with third parties.


How Mazars Helped

Working with HR, Security, Legal, IT, and Compliance, Mazars developed a standardized approach that could effectively and efficiently manage the most privacy-sensitive processes across multiple entities of the group. In addition, Mazars conducted a thorough analysis of the company’s SLA measures and made recommendations for implementing binding rules to secure international transfers necessary to ensure that data transfers to other countries met legal and security requirements.

Then, to ensure a speedy and effective rollout, Mazars conducted an organizational analysis, and developed a cross-functional action plan for each group – setting up dedicated corporate initiatives to reinforce GDPR compliance on specific topics (best practices, retention, transfers, etc.).


Results

As a result, the company was able to generate a corporation-wide awareness of the importance of privacy, were able to develop specific tools to achieve and maintain compliance and were able to ensure that private data and data subject requests are appropriately controlled and responded to, avoiding brand degradation and promoting security.

Company executives and the Board of Directors now have a high level of comfort that the brand’s reputation will be enhanced, and the risk of fines or cease orders is minimized.


Contact

Atif Ghauri | Principal, Cybersecurity Practice Leader| P: 267.254.8040 | E: Atif.Ghauri@MazarsUSA.com

Phillip Jones | Director – Cybersecurity | P: 813.760.5347 | E: Phillip.Jones@MazarsUSA.com



Related posts




New York, NY – June 24, 2020 – Congratulations to Ekaterina Prokhorovskaya and Joy Eagle on being selected


June 2020 Description In episode twenty of Food for Talk, host Howard Dorman, Mazars Food and Beverage Practice


June 2020 Description In episode nineteen of Food for Talk, host Howard Dorman, Mazars Food and Beverage Practice