Sadia Mirza focuses her practice on cybersecurity and privacy issues and compliance across the financial services industry. She is a knowledgeable transactional counsel with experience in-house, positioning her to interact effectively with
business, compliance, legal and information security departments.
Sadia works with a wide array of clients, including financial institutions, consumer reporting agencies, insurance companies, healthcare providers, property management companies, and data and analytics providers. With her years of experience
as internal counsel, Sadia is able to break down complex legal issues into plain English, and she provides tactical, actionable advice.
Sadia’s practice is primarily focused on data privacy law compliance and incident response. She has experience with the California Consumer Privacy Act of 2018 (CCPA), the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley
Act (GLBA), the Driver’s Privacy Protection Act (DPPA), California Online Privacy Protection Act (CalOPPA), as well as various other state laws concerning privacy and cybersecurity. She provides strategic privacy compliance
counseling, and defends, counsels and represents companies on matters relating to data privacy, data use, and data breaches and investigations with an eye towards helping clients avoid litigation.
Sadia also drafts policies and procedures for financial services companies, including consumer reporting agencies, that document compliance with consumer protection laws and regulations. Further, she has experience drafting and negotiating
data licensing agreements, screening services agreements and playbooks for consumer reporting agencies. She advises her clients on best practices related to onboarding end users, such as end user credentialing and required disclosures
She provides ongoing analysis and commentary on developments in the consumer financial services industry, with a focus on privacy law developments, through the Consumer Financial Services Law Monitor blog at
Prior to becoming an attorney, Sadia worked for JPMorgan Chase and Washington Mutual Bank. Her ongoing interest in the financial services industry led her to pursue an LL.M. in banking and finance after graduating from law school.
Counsels a consumer reporting agency in all matters and activities concerning compliance with the FCRA, including the creation and revision of screening contracts and onboarding procedures.
Conducted multiple 50-state survey analyses for a data and analytics company requiring a review of laws that influence and impact its business, including open records laws, DPPA laws and state law equivalents.
Created a compliance management system for a financial institution in a high-stakes and time-sensitive matter.
Drafted FCRA and state law disclosures related to tenant screening for a multistate property management company.