Odia combines her in-depth knowledge of privacy and data security regulations and best practices, both domestic and international, with her keen understanding of emerging and information technologies to provide clients with practical advice on how to design and implement their products and services, consummate their M&A transactions and engage third-party vendors in the United States and abroad.
Over the past few years, Odia has assisted more than 80 companies, from U.S.-based multinationals to startups, on their path to compliance with the EU General Data Protection Regulation (GDPR). She leverages her transactional experience leading M&A and tech transactions as well as her ability to break down complex concepts into easy-to-understand action items to provide effective, ongoing counsel to clients in their day-to-day operations.
Odia is certified as a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals (IAPP), a designation signifying comprehensive knowledge of privacy and data protection laws. She has also been certified by IAPP as a Certified Information Privacy Manager (CIPM) and a Certified Information Privacy Professional in the laws of the United States – private sector (CIPP/US), the laws of the European Union (CIPP/E) and by the PECB as a Certified Data Protection Officer (CDPO).
A former partner in a Tel Aviv, Israel law firm, Odia has substantial experience working with Israeli startups and assisting multinational companies with cross border transactions.
- Assisted a provider of professional mailing services with EU-US Privacy Shield Certification and preparation for GDPR compliance.
- Assisted a large international hospitality provider with its global privacy compliance efforts, including revision of vendor agreements, revision of privacy and information security policies, assistance with EU-US Privacy Shield compliance and preparation for GDPR compliance.
- Advised and negotiated Controller–Processor data processing agreements for a company providing services to clinical trials.
- Advised a leading organization for professional credentialing on its privacy policies (internal and customer facing) and on data transfer agreements.
- Assisted clients, including a supplier of aerospace systems and a medical device company, in the formulation and documentation of a cross-border data transfer strategy for employee information, preparation for certification under Privacy Shield and preparation for compliance with the EU General Data Protection Regulation (GDPR).
- Drafted and negotiated master services agreements, EU data processing agreements and information security policies for a company providing services for clinical trials conducted worldwide.
- Drafted and negotiated complex licensing, services and service level agreements for IT systems, data mining applications and equipment management services for a large health care organization.
- Assisted a global investment management firm in privacy and data security aspects of the extension of a $40 million line of credit to a provider of retail installment sale financing to consumers. The representation included conducting privacy and data security diligence and negotiation of the deal representation and warranties, as well as post-closing compliance.
- Represented a large broadcasting and telecom provider in the sourcing of hosted services related to its consumer information.
- Assisted an augmented reality platform for retailers and an influencer marketing platform with vendor assessment questionnaires, as well as internal and customer-facing information security policies.
- Assisted a provider of Voice over Internet Protocol (VoIP) telephony platform with sophisticated call analytics in the design of its service incorporating security considerations and in the negotiation of its services agreement and terms and conditions of use.
- Drafted an information security plan for a digital publishing company and advised on COPPA (Children's Online Privacy Protection Act) issues related to its advertising campaigns.
- Advised a leading professional development membership organization on compliance with EU Data Protection Directive and "Cookie Directive."
Privacy & Data Certifications
International Association of Privacy Professionals
- Certified Information Privacy Professional, U.S. – Private Sector; EU (CIPP/US, CIPP/E)
- Certified Information Privacy Manager (CIPM)
- Fellow of Information Privacy
- Certified Data Protection Officer
Beyond Fox Rothschild
Odia serves on the board of advisers of Prifender, a privacy compliance startup. She also serves on the Publications Advisory Board of IAPP and co-chairs IAPP's Philadelphia KnowledgeNet chapter as well as the Philadelphia Bar Association Business Section's Cyberlaw Committee. She is also a member of the Executive Committee of the Philadelphia Bar Association Business Law Section.
Odia is an adjunct professor at Drexel University Kline School of Law as part of its JD and Master of Legal Studies programs, where she teaches the upper-level course, Cybersecurity and Privacy Regulation. She speaks regularly on topics of privacy and information security at a variety of industry and professional events.
Honors & Awards
- Selected one of Pennsylvania's "Lawyers on the Fast Track," The Legal Intelligencer, 2013