Lisa Zolidis is a Partner in the firm’s Privacy and Cybersecurity practice, bringing more than two decades of experience leading global privacy programs for Fortune 500 companies and fast-growing innovators alike. 

Lisa is known for her ability to align legal strategy with business goals and build privacy programs that are not only compliant but scalable and sustainable. She regularly advises clients on data protection impact assessments, privacy-by-design for AI and emerging technologies, global data transfer frameworks, third-party risk management, and cross-border compliance strategies. Her expertise includes data protection and privacy law in the US, UK and EU GDPR, Israel, China, Japan, Philippines, South Korea, Canada and Mexico.

Lisa has built and scaled privacy and data governance functions across the technology, health data, manufacturing, transportation and business services sectors, serving in senior roles at Dell, American Airlines, NI (now part of Emerson), TaskUs, and most recently Datavant. Her leadership has consistently delivered enterprise-wide risk reduction, operationalized compliance with evolving global regulations, and supported complex business initiatives including M&A integration, product development, and international expansion. She has created strong programs with flexibility and innovation in mind to help companies not only meet business goals and establish a culture of compliance, but also satisfy regulatory inspection and a range of audit control standards.

At Datavant, Lisa served as Head of Global Privacy and Data Governance, where she strengthened the company’s privacy program and regulatory posture across GDPR, HIPAA, CCPA and beyond. Prior to that, she created and led privacy operations at NI through its acquisition by Emerson, transforming a fledgling compliance function into a modern, risk-based program. At Dell, she developed privacy and data protection policies, contracts and infrastructure across the company, advised on personal data elements of more than 30 acquisitions and divestitures, spearheaded multiple GDPR readiness workstreams and extended consistent privacy practices across 300 legal entities for the company’s landmark merger with EMC. 

Representative Experience

  • Established global privacy program for emerging business process operations company with 15,000 employees in the United States, the Philippines, Mexico, Taiwan and India.
  • Transformed fledgling privacy function at $7B technology company into a modern global, risk-based privacy program, including establishing ongoing executive engagement and cross-functional management for privacy program initiatives.
  • Implemented intracompany international data transfer and data protection agreement across approximately 300 legal entities at Fortune 100 technology company.
  • Directed data privacy due diligence and integration measures for more than 35 acquisitions and divestitures for technology companies in multiple industries, including the 2016 Dell-EMC merger, then the largest-ever U.S. technology company merger.
  • Led international Privacy Counsel group for Fortune 100 technology company across multi-pronged GDPR readiness compliance program, harmonization of diverse country-facing privacy policies, long-term development and enhancement of preference management procedures, restructuring of third-party oversight program, and coordinated product and innovation advice.
  • Successfully supported data protection elements for multiple external audits at innovative test and measurement company with strong program that satisfied relevant requirements across a range of security standards, including SOC2 Type 2, ISO 27001 and TISAX, NIST and specialized protocols for China Standard Contractual Clauses and consent requirements.
  • Develop privacy, AI and data governance policies, data processing agreement templates, intra-company data protection agreements and procedures designed to meet U.S. state and national privacy laws, including CCPA, EU and UK GDPR, South Korea's PIPA, PIPEDA, China’s Personal Information Protection Law, the Philippines Data Protection Act and the Mexico Federal Data Protection Law.
  • Design innovative privacy training tailored to legal, corporate, marketing, procurement, IT and front-line operations teams.

Publications and Speeches

  • Efficiency to Exposure: The Global Compliance Challenge of AI Recruiting, co-author with Christine Zebrowski, Potomac Law Group International Practice Newsletter, Nov. 19, 2025
  • Presiding Officer, University of Texas Technology Law Conference, May 25, 2023
  • Global Privacy Roundup, University of Texas Technology Law Conference, May 27, 2022
  • Breakout Discussion: Data-Mapping Practicalities, Consero Chief Privacy Officer Virtual Forum, August 4, 2021
  • Freedom of Motion? Global Developments in International Data Transfer, University of Texas Technology Law Conference, May 28, 2021
  • You Did What with That Data? The Role of Data Ethics and Classification within Your Data Governance Program, Association of Corporate Counsel Annual Meeting, October 14, 2020
  • The Future of AI Policy in the U.S., Austin Startup Week 2018, AI and Data Science Track, October 4, 2018
  • “Big Data By Design – Establishing Privacy Governance for Analytics,” Cambridge Handbook of Consumer Privacy, ed. E. Selinger, J. Polonetsky, O. Tene, May 2018 - chapter co-author with Dale E. Skivington and Brian P. O’Connor
  • Profiled: Women in Technology, ACC Docket magazine, September 2017
  • Ready or Not, Here Comes the Data Protection Regulation, Association of Corporate Counsel Annual Meeting, October 16, 2017
  • GDPR Readiness in 2017, University of Texas Technology Law Conference, May 26, 2017
  • Third-party Risk: Creating an Effective Information Security and Data Privacy Assessment Program for Third-party Vendors, Association of Corporate Counsel Annual Meeting, October 17, 2016
  • Data Privacy Around the World:  Keeping Up with E.U. Data Protection Changes, State Bar of Texas Annual Meeting, June 16, 2016
  • The Evolving U.S. and E.U. Privacy Framework, University of Texas Technology Law Conference, May 26, 2016
  • Preparing for EU 2015 Data Protection Rules, Association of Corporate Counsel Annual Meeting, October 29, 2014
  • Shifting Sands: Managing Data Privacy in an Ever-Changing Privacy World, State Bar of Texas, Advanced In-House Counsel Program, August 14, 2014

Education

  • New York University School of Law, J.D.
  • University of Texas, Bachelor of Journalism, highest honors

Previous Experience

  • Datavant, Head of Global Privacy and Data Governance
  • N I, now part of Emerson, Head of Global Privacy
  • Dell, Inc., Global Coordinating Privacy Counsel/Privacy Counsel Americas

Clerkships

  • Judicial Clerkship for The Hon. Justice Priscilla Owen

Admissions

  • New York
  • Texas
  • U.S. District Court for the Southern and Eastern Districts of New York

Recent News

Jump to Page

By using this site, you agree to our updated Privacy Policy and our Terms of Use