Philadelphia, Pennsylvania, United States
Contact Info
21K followers
500+ connections
About
Articles by Odia
-
The APRA (Federal Privacy Bill) is here: What do you need to do?
The APRA (Federal Privacy Bill) is here: What do you need to do?
By Odia Kagan
-
VA Jumps into the AI Regulation Space with new Bill
VA Jumps into the AI Regulation Space with new Bill
By Odia Kagan
-
CCTV: Practical Data Protection Guidance from Ireland DPC
CCTV: Practical Data Protection Guidance from Ireland DPC
By Odia Kagan
Activity
-
Hashing does not equal de-identify and it definitely doesn’t anonymise. Thanks Odia
Hashing does not equal de-identify and it definitely doesn’t anonymise. Thanks Odia
Liked by Odia Kagan
-
"Hash" little baby don't you cry Hashing doesn’t mean de-identify... New guidance from the Federal Trade Commission clarifies that hashes aren’t…
"Hash" little baby don't you cry Hashing doesn’t mean de-identify... New guidance from the Federal Trade Commission clarifies that hashes aren’t…
Shared by Odia Kagan
-
Kids Online Health and Safety Task Force, co-led by the U.S. Department of Health and Human Services (HHS)) Substance Abuse and Mental Health…
Kids Online Health and Safety Task Force, co-led by the U.S. Department of Health and Human Services (HHS)) Substance Abuse and Mental Health…
Shared by Odia Kagan
Experience & Education
Licenses & Certifications
-
Certified Information Privacy Manager
IAPP - International Association of Privacy Professionals
Issued -
Certified Information Privacy Professional - EU (CIPP/E)
IAPP - International Association of Privacy Professionals
Issued -
Certified Information Privacy Professional - US (CIPP/US)
IAPP - International Association of Privacy Professionals
Publications
-
Countdown to GDPR
IAPP Philadelphia KnowledgeNet
Presentation to Philadelphia area privacy professionals on the latest developments and Article 29 Working Party guidance on aspects of GDPR. We focused our discussion on the transparency guidance and how to draft GDPR compliant privacy notices.
-
From Brussels with Love: A GDPR Valentine's Day Special
Ballard Spahr LLP
Ballard Spahr privacy and data security attorneys Philip N. Yannella and Odia Kagan join Rebecca Perry, Director of Professional Services at Jordan Lawrence, to discuss the steps that U.S. companies need to take to prepare for GDPR, how to prioritize the compliance obligations, and the key takeaways from the multitude of guidance documents recently issued by EU regulators.
-
Acquiring Assets, Acquiring Risk
PBI Business Law Institute
Privacy and data security considerations in M&A transactions and vendor management
-
CISO Executive Network - Philadelphia Chapter: The Endpoint
CISO Executive Network - Philadelphia Chapter
Speaking on legal considerations on securing the endpoint.
-
Disclosure Is Key for Cross-Device Tracking, FTC Staff Report Says
Ballard Spahr LLP
-
EU e-Privacy Regulation Raises Stakes for Compliance
Ballard Spahr LLP
The European Commission's proposed e-privacy regulation sets forth obligations on handling electronic communications and clarifies obligations for seeking consent for the use of cookies. Meant to bring the e-privacy directive in line with the General Data Protection Regulation (GDPR), the regulation imposes steep penalties for failure to comply for companies worldwide, including in the United States. The alert lays out what this means for companies and what they can do to prepare.
Other authorsSee publication -
FTC Settles with Targeted Digital Advertising Company over Supercookie Advertising Practices
Ballard Spahr LLP
If you are tracking users for behavioral advertising, make sure to fully and conspicuously disclose this and provide and opt out - FTC tells Turn, Inc in a proposed settlement agreement.
Other authorsSee publication -
Prepare for Compliance with General Data Protection Regulation Checklist
Ballard Spahr LLP
The alert discusses the 12-step checklist published by the Irish Data Protection Commissioner (DPC) detailing actions companies can take now to better prepare for compliance with the General Data Protection Regulation (GDPR), the new EU privacy regulation which takes effect in May 2018.
Other authorsSee publication -
FTC Takes Action against App Developers on COPPA Allegations Involving Persistent Identifiers
Ballard Spahr LLP
The FTC has announced enforcement actions against two app developers that allegedly violated the Children’s Online Privacy Protection Act (COPPA) by using persistent identifiers to serve advertising to children. The developers—LAI Systems, LLC (LAI) and Retro Dreamer (Retro)—will pay a combined $360,000 in civil penalties
-
California, Nevada Expand Scope of Customer Personal Information Subject to Reasonable Security Measures
Ballard Spahr LLP
Recent statutory amendments passed in California and Nevada expanding the definition of “personal information” will significantly impact the security measures businesses operating in these states must implement when handling personal information of customers residing there
-
New NIST Guide Advises Health Care Companies on Securing Patient Health Information on Mobile Devices
Ballard Spahr LLP
In response to a growing demand for cybersecurity guidance in the health care industry, the National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence, recently published a step-by-step practice guide (the Guide) on protecting medical information stored in and shared between mobile devices. The Guide is the first in NIST’s new 1800 series of publications, designed to help companies protect their information systems (the 1800 Series).
-
OPM Changes Privacy Rules to Let Investigators Inside al Databases
NextGov
I was interviewed for this article about the steps taken by OPM in the aftermath of the breach into its records.
-
New York Information Security Meetup - Philadelphia
http://www.ballardspahr.com/eventsnews/events/2015-06-25-june-ny-information-security-meetup.aspx
-
The New European Union Data Protection Framework: Issues Affecting Multinational Companies
Ballard Spahr LLP
After three years of negotiation and debate within the institutions of the European Union, agreement is near on the new EU data protection legislation, which would radically transform the regulatory landscape. In this talk, we discussed the key elements of the proposed reforms and how they may affect U.S. lawyers and multinational companies.
Other authorsSee publication -
It’s Legal, but Not Good Business - Privacy Considerations for Big Data in the Hospitality Industry
Penn State Smeal College of Business: Big Digital Marketing for Hospitality Executives
-
Big Data- Big Risk: Privacy Considerations for Individuals and Corporations
Philly Tech Week
The ability to collect and analyze big data holds much promise for improving our lives, from the advancement of scientific discoveries to facilitating and improving services provided to consumers. This promise also poses great risk from a privacy perspective, both to consumers: who may be giving away more information than they bargained for, and to companies: whose risk of incurring a data breach incident or running afoul of increasing regulation.
In this presentation I discussed the big…The ability to collect and analyze big data holds much promise for improving our lives, from the advancement of scientific discoveries to facilitating and improving services provided to consumers. This promise also poses great risk from a privacy perspective, both to consumers: who may be giving away more information than they bargained for, and to companies: whose risk of incurring a data breach incident or running afoul of increasing regulation.
In this presentation I discussed the big data “trend”, its implication on the right to privacy and what both companies and consumers need to do in order to minimize their risks and maximize their rewards from Big Data.
-
Cybersecurity – A Conversation with the Experts
Chester County Economic Development Council
In this panel discussing cybersecurity considerations for businesses, I discussed the steps to be taken from an administrative perspective to mitigate cybersecurity risks and achieve compliance with applicable laws, regulations and industry standards.
Other authorsSee publication -
What Your TV Wouldn’t Tell You and Your Fridge Didn’t Know: FTC Best Practices for Consumer-Facing IoT Devices
Pepper Hamilton LLP
Recommended best practices and key take aways from the recent FTC report on privacy and security considerations in the "Internet of Things".
Other authorsSee publication -
OCIE Cybersecurity Risk Alert: Keep Your Data Close and Your Third-Party Providers Closer
Pepper Hamilton LLP
On February 3, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) published a Risk Alert that summarizes the OCIE’s observations from its recent examinations of registered broker-dealers and investment advisers. It is likely that future examinations will focus on the areas that the OCIE Risk Alert flagged as lacking including: third party provider management, incident reporting and cyber insurance.
Other authorsSee publication -
Bank Board Director Alert: Banking on Cybersecurity
Pepper Hamilton LLP
Prudential bank regulators and other supervisory authorities have put cybersecurity front and center in 2015 by issuing guidance that sets forth their expectations of improved cybersecurity and that incorporates cybersecurity assessments into the scope of examinations.
Other authorsSee publication -
Conquering Spamalot: Canada’s New Anti-Spam Legislation
Pepper Hamilton, LLP
-
Cybersecurity Compliance
Society of Corporate Secretaries and Governance Professionals: Middle Atlantic Chapter Spring Conference
Spoke about data breaches, privacy policies and the NIST Cybersecurity Framework.
-
Women 'Who Own the Room' Have These Three Qualities: Lea Goldman
Pepper Hamilton, LLP
-
Bitter C-Suite: Privacy, Security and Data Protection Issues Facing Corporations, Directors and Officers
Pepper Hamilton LLP
With data breaches, cyberterrorism and governmental enforcement of the protection of privacy on the rise, corporations are facing an increased likelihood of claims, legal proceedings and costs. Without a proper understanding of the privacy and data security issues facing the corporation, and effective oversight of the policies and procedures the corporation has in place, directors and officers risk potential liability, as well as breaching their fiduciary duty of loyalty and due care.
In…With data breaches, cyberterrorism and governmental enforcement of the protection of privacy on the rise, corporations are facing an increased likelihood of claims, legal proceedings and costs. Without a proper understanding of the privacy and data security issues facing the corporation, and effective oversight of the policies and procedures the corporation has in place, directors and officers risk potential liability, as well as breaching their fiduciary duty of loyalty and due care.
In this presentation, we discussed the issues facing corporations in connection with privacy and cybersecurity and the steps directors and officers can take to mitigate these risks.Other authorsSee publication -
BYOD - Bring Your Own Device: Liability and Data Breach Sold Separately
Pepper Hamilton Presentation at Philly Tech Week
-
Between You, Me and Mark Z: The Illusion of Privacy in Social Networks and What My Company and I Can Do About It.”
Pepper Hamilton event at Philly Tech Week
-
Addressing the Legal Ramifications of Cloud Computing
Panelist in the HNBA’s 5th Corporate Counsel Conference in Orlando, Florida
Corporations are increasingly relying on cloud systems to store their data. This workshop provided a general discussion on the various implications of cloud computing, particularly its impact on privacy issues, litigation and discovery, and intellectual property, covering tactical considerations and best practices as corporations move more data to the cloud.
-
Odia Kagan Participating in Quorum’s Office Hours
University City Science Center - Quorum
Meeting one-on-one with entrepreneurs to answer questions and offer advice as part of the Quorum’s office hours.
-
The Reports of the Death of Privacy Were Exaggerated: California Breathes New Life into the Privacy Rights of its Residents
Pepper Hamilton LLP
In a series of new bills amending existing California privacy laws, the State of California increases the protections presently provided to its residents by broadening the requirements for reporting breach of personal data; requiring providers to disclose how their site or service responds to “do not track” signals sent by web browsers; and requiring companies that maintain health information, or provide hardware or software, including mobile applications, to refrain from sharing, selling or…
In a series of new bills amending existing California privacy laws, the State of California increases the protections presently provided to its residents by broadening the requirements for reporting breach of personal data; requiring providers to disclose how their site or service responds to “do not track” signals sent by web browsers; and requiring companies that maintain health information, or provide hardware or software, including mobile applications, to refrain from sharing, selling or using patient medical information without consent.
Other authorsSee publication -
Understanding the Risks of BYOD Policies
Cyberspace & E-Commerce Committee of the Philadelphia Bar Association Business Law Section
According to a recent study, 73% of people panic when they realize that they have misplaced their phone; 21% even felt desperate or sick under such circumstances. With smartphones becoming a staple of our daily existence and the convenience and ease of carrying and using just one device, many have started using their personal mobile devices for work related tasks. This phenomenon, often referred to as "Bring Your Own Device" or "BYOD", raises a variety of legal issues both for the user and for…
According to a recent study, 73% of people panic when they realize that they have misplaced their phone; 21% even felt desperate or sick under such circumstances. With smartphones becoming a staple of our daily existence and the convenience and ease of carrying and using just one device, many have started using their personal mobile devices for work related tasks. This phenomenon, often referred to as "Bring Your Own Device" or "BYOD", raises a variety of legal issues both for the user and for the corporation.
In this presentation I explored some of these issues, including: the employee's expectation of privacy, adequately securing the corporate information on the device, e-discovery and specific compliance issues for regulated organizations -
BYOD (Bring Your Own Device)... *Liability and Data Breach Sold Separately
Pepper Hamilton LLP
Co-Presented a CLE presentation, as part of Pepper's Berwyn CLE Series, on issues including the employee's expectation of privacy, adequately securing the corporate information on the device, e-discovery and specific compliance issues for regulated organizations.
Other authorsSee publication -
Partly Cloudy with a Chance of Data Breach
Pepper Hamilton LLP
A report recently published by NIST sets forth steps federal agencies and the private sector providers who cater to them need to take to ensure the security of data stored and processed in the cloud. As has happened with previous NIST reports, these criteria will likely be used as benchmarks for assessing regulatory compliance, and serve as the gold standard for transactions completely within the private sector as well.
Other authorsSee publication -
Interview on the "Federal Drive"
Federal News Radio (1500AM)
Following up on the recent report by the National Institute of Standards and Technology (NIST), I was interviewed on Federal News Radio's show "Federal Drive" about the protection of personally identifiable information and dealing with security breaches, particularly by federal agencies.
-
Unhack My Heart: FDA Issues Guidance to Mitigate Cybersecurity Threats in Medical Devices
Pepper Hamilton LLP
In this "brave new world" of medical devices with connectivity to the Internet, the FDA recommends that manufacturers take special care to protect the devices from cybersecurity risks.
Other authorsSee publication -
NIST Proposes Privacy Control Roadmap for Organizations
Pepper Hamilton LLP
In an age in which safeguarding the privacy of a person’s information is becoming increasingly challenging, the National Institute of Standards and Technology (NIST) encourages organizations to devote time and resources to develop a system of privacy controls that would enable them to mitigate the risks to privacy.
Other authorsSee publication -
The Evolving Use of Social Media: Protecting Your Organization
New York Law Journal
-
Moderator, "Fair Use and the Internet" presentation at the Drexel Law Intellectual Property Society
-
If Three’s a Crowd, Thousands are ... an Investment Round? JOBS Act Presents Significant Changes to the Federal Securities Laws
Pepper Hamilton, LLP
The “Jumpstart Our Business Startups Act” excpeted to be enacted into law in the coming days, reduces certain securities laws reporting and registration requirements and creates "crowdfunding" - a new way to raise capital.
Other authors -
IP LawMeet: Transactional IP Moot Court Drexel University Earle Mack School of Law (Judge)
Served as a judge in a transactional IP "moot court".
-
2010 Amendments to Delaware’s LLC, Limited Partnership and Partnership Statutes
Pepper Hamilton LLP Corporate and Securities Law Alert
-
Facebook Vanity URL’s May Hurt More Than Just One’s Pride
Intellectual Property and Technology Law Journal
Other authors -
Online Contracts – You May be Agreeing Even When You Thought You Were Not
Pepper Hamilton LLP Corporate and Securities Law Alert
-
Proposed Amendments to Delaware’s LLC, Limited Partnership and Partnership Statutes
Pepper Hamilton LLP Corporate and Securities Law Alert
-
2009 Proposed Amendments to Delaware Corporation Law
Pepper Hamilton LLP Corporate and Securities Law Alert
-
Kahn v. Portnoy Reiterates Importance of Precise Drafting of LLC Agreements
Pepper Hamilton LLP Corporate and Securities Law Alert
-
BYOD (Bring Your Own Device)... *Liability and Data Breach Sold Separately - Webinar
Pepper Hamilton LLP
"Bring Your Own Device," or "BYOD," raises a variety of legal issues both for the user and for the corporation. This webinar addresses some of these issues, including: the employee's expectation of privacy, adequately securing the corporate information on the device, e-discovery and specific compliance issues for regulated organizations.
Other authorsSee publication
Honors & Awards
-
Philadelphia Bar Association Business Law Section Committee Chairperson of the year (2017)
Philadelphia Bar Association Business Law Section
Elected committee chairperson of the year for my work in the Cyberlaw Committee.
-
Pennsylvania Lawyer on the Fast Track
The Legal Intelligencer
Each year, with the help of editorial staff of The Legal Intelligencer, a group of eight evaluation panelists from across the commonwealth selects individuals who best represent the future leaders of Pennsylvania’s legal community. The list recognizes lawyers younger than 40 who have demonstrated outstanding promise in the legal profession and have made a significant commitment to the community.
http://thelegalintelligencer.typepad.com/tli/2013/08/2013-lawyers-on-the-fast-track.html
Languages
-
English
Native or bilingual proficiency
-
Hebrew
Native or bilingual proficiency
-
French
Elementary proficiency
Organizations
-
American Bar Association - Business Law Section, Cyberspace Law Committee
Member
-
American Bar Association - Science and Technology Law Group, E-Privacy Law Committee
Member
-
International Association of Privacy Professionals
Member
More activity by Odia
-
Great person. Litigator. NC Business Court Clerk. Smart and scrappy. Thrilled that Camryn Rohr decided to join our growing, growing Charlotte…
Great person. Litigator. NC Business Court Clerk. Smart and scrappy. Thrilled that Camryn Rohr decided to join our growing, growing Charlotte…
Liked by Odia Kagan
-
I was delighted to co-host the IAPP - International Association of Privacy Professionals web conference with over. 100 participants on 🚩Data…
I was delighted to co-host the IAPP - International Association of Privacy Professionals web conference with over. 100 participants on 🚩Data…
Liked by Odia Kagan
-
Talk about being "in for a penny, in for a pound", whether you want to or not... Odia Kagan once again putting out a killer summary of the situation.
Talk about being "in for a penny, in for a pound", whether you want to or not... Odia Kagan once again putting out a killer summary of the situation.
Liked by Odia Kagan
-
How much is that doggie in the window (for some who has been browsing doggies for 2 hrs)? Federal Trade Commission is coming after the use of…
How much is that doggie in the window (for some who has been browsing doggies for 2 hrs)? Federal Trade Commission is coming after the use of…
Shared by Odia Kagan
-
🌟 Hear ye, hear ye! 🌟 I recently had the pleasure of recording a webinar titled "The Privacy Paradox and AI Governance" alongside the…
🌟 Hear ye, hear ye! 🌟 I recently had the pleasure of recording a webinar titled "The Privacy Paradox and AI Governance" alongside the…
Liked by Odia Kagan
-
I am pleased to announce the 9th INPLP Annual Conference - exclusively for its worldwide members - in Luxembourg this year. Highlights will be an…
I am pleased to announce the 9th INPLP Annual Conference - exclusively for its worldwide members - in Luxembourg this year. Highlights will be an…
Liked by Odia Kagan
-
Looking forward to representing Fox Rothschild and connecting and learning from #privacyfriends old and new: Rob Corbet, Wendy Wagner, Dalit…
Looking forward to representing Fox Rothschild and connecting and learning from #privacyfriends old and new: Rob Corbet, Wendy Wagner, Dalit…
Shared by Odia Kagan
-
It took just 19 sessions in the Knesset Constitution Committee to go through Amendment 14 of the 1981 Israel Protection of Privacy Law (and it will…
It took just 19 sessions in the Knesset Constitution Committee to go through Amendment 14 of the 1981 Israel Protection of Privacy Law (and it will…
Liked by Odia Kagan
Other similar profiles
-
David Stauss
Connect -
J. Trevor Hughes
Connect -
Jessica B. Lee
Connect -
Heidi Saas
Connect -
Tim Clements
Business Owner, Purpose and Means | Cultivating passion and purpose for privacy and data protection among global leaders and their employees
Connect -
Max Schrems
Connect -
Phil Lee
Connect -
Debbie Reynolds
Connect -
Peter Craddock
Data/Cyber/Tech Law; helping you innovate & use data better (EU & international); litigation / advice / strategy
Connect -
Omer Tene
Connect
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore More