Sadia works with a wide array of clients, including financial institutions, consumer reporting agencies, insurance companies, healthcare providers, property management companies, and data and analytics providers. With her years of experience as internal counsel, Sadia is able to break down complex legal issues into plain English, and she provides tactical, actionable advice.
Sadia’s practice is primarily focused on data privacy law compliance and incident response. She has experience with the California Consumer Privacy Act of 2018 (CCPA), the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), the Driver’s Privacy Protection Act (DPPA), California Online Privacy Protection Act (CalOPPA), as well as various other state laws concerning privacy and cybersecurity. She provides strategic privacy compliance counseling, and defends, counsels and represents companies on matters relating to data privacy, data use, and data breaches and investigations with an eye towards helping clients avoid litigation.
Sadia also drafts policies and procedures for financial services companies, including consumer reporting agencies, that document compliance with consumer protection laws and regulations. Further, she has experience drafting and negotiating data licensing agreements, screening services agreements and playbooks for consumer reporting agencies. She advises her clients on best practices related to onboarding end users, such as end user credentialing and required disclosures and certifications.
She provides ongoing analysis and commentary on developments in the consumer financial services industry, with a focus on privacy law developments, through the Consumer Financial Services Law Monitor blog at cfslawmonitor.com.
Prior to becoming an attorney, Sadia worked for JPMorgan Chase and Washington Mutual Bank. Her ongoing interest in the financial services industry led her to pursue an LL.M. in banking and finance after graduating from law school.
The California Consumer Privacy Act (CCPA) takes effect in less than three months and is still riddled with confusions and ambiguities. Organizations seeking to comply with the new privacy law are left in the dark trying to understand not only the in...