Headshot of Nadia Jandali Chao.
Headshot of Nadia Jandali Chao.
Headshot of Nadia Jandali Chao.
Blurry image of a white wall next to an orange wall. A shelf with small white objects is visible.
Blurry image of a white wall next to an orange wall. A shelf with small white objects is visible.
Blurry image of a white wall next to an orange wall. A shelf with small white objects is visible.

Nadia Jandali Chao

Partner

Nadia is a trusted adviser on privacy law, commercial agreements, risk management, and corporate governance. She has extensive experience in demanding private practice and in-house roles, and a proven track record in senior legal and business management.

Office

+1 416 775 7613

email

njandalichao@lerners.ca

Socials

Awards & Recognitions

Areas of Expertise

  • Privacy and Data Security

  • Health Law

  • Commercial Contracts

  • Corporate Governance

  • Risk Management

  • Regulatory Compliance

  • Data Sharing and Access Requests

  • Breach Response

  • Executive and Board Advisory

  • Digital Health and Technology

Education

  • Admitted to the Ontario Bar (2006)

  • LL.M, Privacy and Cybersecurity Law, Osgoode Hall Law School (2025)

  • Certified In-House Counsel - Canada (CIC.C) Designation, Rotman School of Management (2018)

  • LL.B, University of Western Ontario (2005)

  • B.A. (Hons), Psychology, University of Western Ontario (2001)

Education

  • Admitted to the Ontario Bar (2006)

  • LL.M, Privacy and Cybersecurity Law, Osgoode Hall Law School (2025)

  • Certified In-House Counsel - Canada (CIC.C) Designation, Rotman School of Management (2018)

  • LL.B, University of Western Ontario (2005)

  • B.A. (Hons), Psychology, University of Western Ontario (2001)

Education

  • Admitted to the Ontario Bar (2006)

  • LL.M, Privacy and Cybersecurity Law, Osgoode Hall Law School (2025)

  • Certified In-House Counsel - Canada (CIC.C) Designation, Rotman School of Management (2018)

  • LL.B, University of Western Ontario (2005)

  • B.A. (Hons), Psychology, University of Western Ontario (2001)

Awards and Recognitions

  • Selected by peers for inclusion in Best Lawyers in Canada for Privacy and Data Security Law in 2025 and 2026

  • #1 Thought Leading Author, Compliance - Canada, Mondaq Autumn 2024 Thought Leadership Awards

  • Certified In-House Counsel - Canada (CIC.C) Designation, Rotman School of Management

  • Certified Information Privacy Professional – Canada (CIPP/C) Designation, International Association of Privacy Professionals

Awards and Recognitions

  • Selected by peers for inclusion in Best Lawyers in Canada for Privacy and Data Security Law in 2025 and 2026

  • #1 Thought Leading Author, Compliance - Canada, Mondaq Autumn 2024 Thought Leadership Awards

  • Certified In-House Counsel - Canada (CIC.C) Designation, Rotman School of Management

  • Certified Information Privacy Professional – Canada (CIPP/C) Designation, International Association of Privacy Professionals

Awards and Recognitions

  • Selected by peers for inclusion in Best Lawyers in Canada for Privacy and Data Security Law in 2025 and 2026

  • #1 Thought Leading Author, Compliance - Canada, Mondaq Autumn 2024 Thought Leadership Awards

  • Certified In-House Counsel - Canada (CIC.C) Designation, Rotman School of Management

  • Certified Information Privacy Professional – Canada (CIPP/C) Designation, International Association of Privacy Professionals

Selected Presentations and Publications

  • Speaker, Privacy Class Actions: Trends, Risks and Mitigation, Ontario Bar Association, March 4, 2025

  • Speaker, “Women In Security And Privacy (WISP) Forward: 2025 Security & Privacy,” November 27, 2024

  • Presenter, “Privacy Law Reform: Navigating the Patchwork,” Lerners LLP, September 25, 2024

  • Presenter, “The Intersection of Innovation and Privacy in Healthcare,” Lerners LLP, September 25, 2024

  • Presenter, “Cyber & Privacy, More Than Just Ransomware,” Municipal & Public Entity Risk Conference, April 18, 2024

  • Presenter, “A 360 Degree View of Vendor Privacy Risk Management,” IAPP Canada Privacy Symposium, May 26, 2023

  • Presenter, “Beyond Hearsay: Putting Demonstrable Accountability into Practice,” IAPP Canada Privacy Symposium, May 27, 2022

  • Presenter, “Health Information Privacy in a Changing Landscape,” Privacy and Data Security Compliance Forum, The Canadian Institute, January 30, 2019

  • Presenter, “Beyond Compliance: How to Elevate the Privacy Discussion in Your Organization,” PHIPA Connections Summit, December 4, 2018

Selected Presentations and Publications

  • Speaker, Privacy Class Actions: Trends, Risks and Mitigation, Ontario Bar Association, March 4, 2025

  • Speaker, “Women In Security And Privacy (WISP) Forward: 2025 Security & Privacy,” November 27, 2024

  • Presenter, “Privacy Law Reform: Navigating the Patchwork,” Lerners LLP, September 25, 2024

  • Presenter, “The Intersection of Innovation and Privacy in Healthcare,” Lerners LLP, September 25, 2024

  • Presenter, “Cyber & Privacy, More Than Just Ransomware,” Municipal & Public Entity Risk Conference, April 18, 2024

  • Presenter, “A 360 Degree View of Vendor Privacy Risk Management,” IAPP Canada Privacy Symposium, May 26, 2023

  • Presenter, “Beyond Hearsay: Putting Demonstrable Accountability into Practice,” IAPP Canada Privacy Symposium, May 27, 2022

  • Presenter, “Health Information Privacy in a Changing Landscape,” Privacy and Data Security Compliance Forum, The Canadian Institute, January 30, 2019

  • Presenter, “Beyond Compliance: How to Elevate the Privacy Discussion in Your Organization,” PHIPA Connections Summit, December 4, 2018

Selected Presentations and Publications

  • Speaker, Privacy Class Actions: Trends, Risks and Mitigation, Ontario Bar Association, March 4, 2025

  • Speaker, “Women In Security And Privacy (WISP) Forward: 2025 Security & Privacy,” November 27, 2024

  • Presenter, “Privacy Law Reform: Navigating the Patchwork,” Lerners LLP, September 25, 2024

  • Presenter, “The Intersection of Innovation and Privacy in Healthcare,” Lerners LLP, September 25, 2024

  • Presenter, “Cyber & Privacy, More Than Just Ransomware,” Municipal & Public Entity Risk Conference, April 18, 2024

  • Presenter, “A 360 Degree View of Vendor Privacy Risk Management,” IAPP Canada Privacy Symposium, May 26, 2023

  • Presenter, “Beyond Hearsay: Putting Demonstrable Accountability into Practice,” IAPP Canada Privacy Symposium, May 27, 2022

  • Presenter, “Health Information Privacy in a Changing Landscape,” Privacy and Data Security Compliance Forum, The Canadian Institute, January 30, 2019

  • Presenter, “Beyond Compliance: How to Elevate the Privacy Discussion in Your Organization,” PHIPA Connections Summit, December 4, 2018

Community Involvement

  • IAPP Advisory Board (Training for Privacy and Data Protection) (current)

  • Vice Chair of the board and Chair of the Governance Committee - Youth and Philanthropy Initiative Canada (2020-2024)

Community Involvement

  • IAPP Advisory Board (Training for Privacy and Data Protection) (current)

  • Vice Chair of the board and Chair of the Governance Committee - Youth and Philanthropy Initiative Canada (2020-2024)

Community Involvement

  • IAPP Advisory Board (Training for Privacy and Data Protection) (current)

  • Vice Chair of the board and Chair of the Governance Committee - Youth and Philanthropy Initiative Canada (2020-2024)

A Leader in Health Privacy Law

Nadia Jandali Chao is a Toronto-based partner at Lerners, and member of its Specialty Risk and Insurance group, Business Law group, and Privacy, Data and Information Security group. She provides trusted and strategic advice on matters relating to privacy law, health law, commercial matters, risk management, and corporate governance. 

With nearly two decades of experience in demanding and complex in-house and private practice environments, Nadia offers a unique and well-rounded perspective.  She started her career in a top-tier civil litigation practice before transitioning to in-house legal and business management roles.  Nadia held several positions, including Acting General Counsel, Chief Privacy Officer and Corporate Secretary, at the largest provincial health agency, Cancer Care Ontario (now Ontario Health), where she was responsible for managing the legal and privacy teams and advising the executive team and board of directors

on a wide range of high-risk matters. She was accountable for CCO’s complex and highly regulated privacy program, which protected some of the most comprehensive healthcare data sets in Canada, and she was considered instrumental to the success of numerous digital and technology initiatives. She then took that experience to the private sector to act as General Counsel and Head of Privacy for a healthtech start-up in the mental health space where she built out a legal and privacy function during a period of intense growth. 

Having now returned to private practice, Nadia works with clients in both the public and private sectors on a variety of privacy matters, such as privacy program development, risk assessments, policies and procedures, training, incident management and response, as well as access to information requests, and data sharing agreements. She also advises clients on various commercial matters, including contracts, board

governance, and enterprise risk management. 

Clients appreciate that Nadia is strong at forging relationships, understanding organizational dynamics and providing advice that is practical, goal-oriented and of excellent quality. She approaches each matter with the highest integrity and insight. As a former in-house counsel, Nadia understands that legal issues are only one piece of a much bigger puzzle that decision-makers must manage.

Nadia was recognized by her peers for her expertise in Privacy and Data Security Law in the 2025 and 2026 editions of Best Lawyers in Canada.  She is a Certified Information Privacy Professional (Canada), issued by the International Association of Privacy Professionals (IAPP) and a member of the global IAPP Advisory Board (Training for Privacy and Data Protection).  Additionally, she has a Master of Laws in Privacy and Cybersecurity at Osgoode Hall Law School.  

Nadia Jandali Chao is a Toronto-based partner at Lerners, and member of its Specialty Risk and Insurance group, Business Law group, and Privacy, Data and Information Security group. She provides trusted and strategic advice on matters relating to privacy law, health law, commercial matters, risk management, and corporate governance. 

With nearly two decades of experience in demanding and complex in-house and private practice environments, Nadia offers a unique and well-rounded perspective.  She started her career in a top-tier civil litigation practice before transitioning to in-house legal and business management roles.  Nadia held several positions, including Acting General Counsel, Chief Privacy Officer and Corporate Secretary, at the largest provincial health agency, Cancer Care Ontario (now Ontario Health), where she was responsible for managing the legal and privacy teams and advising the executive team and board of directors on a wide range of high-risk matters. She was accountable for CCO’s complex and highly regulated privacy program, which protected some of the most comprehensive healthcare data sets in Canada, and she was considered instrumental to the success of numerous digital and technology initiatives. She then took that experience to the private sector to act as General Counsel and Head of Privacy for a healthtech start-up in the mental health space where she built out a legal and privacy function during a period of intense growth. 

Having now returned to private practice, Nadia works with clients in both the public and private sectors on a variety of privacy matters, such as privacy program development, risk assessments, policies and procedures, training, incident management and response, as well as access to information requests, and data sharing agreements. She also advises clients on various commercial matters, including contracts, board governance, and enterprise risk management. 

Clients appreciate that Nadia is strong at forging relationships, understanding organizational dynamics and providing advice that is practical, goal-oriented and of excellent quality. She approaches each matter with the highest integrity and insight. As a former in-house counsel, Nadia understands that legal issues are only one piece of a much bigger puzzle that decision-makers must manage.

Nadia was recognized by her peers for her expertise in Privacy and Data Security Law in the 2025 and 2026 editions of Best Lawyers in Canada.  She is a Certified Information Privacy Professional (Canada), issued by the International Association of Privacy Professionals (IAPP) and a member of the global IAPP Advisory Board (Training for Privacy and Data Protection).  Additionally, she has a Master of Laws in Privacy and Cybersecurity at Osgoode Hall Law School.  

Nadia Jandali Chao is a Toronto-based partner at Lerners, and member of its Specialty Risk and Insurance group, Business Law group, and Privacy, Data and Information Security group. She provides trusted and strategic advice on matters relating to privacy law, health law, commercial matters, risk management, and corporate governance. 

With nearly two decades of experience in demanding and complex in-house and private practice environments, Nadia offers a unique and well-rounded perspective.  She started her career in a top-tier civil litigation practice before transitioning to in-house legal and business management roles.  Nadia held several positions, including Acting General Counsel, Chief Privacy Officer and Corporate Secretary, at the largest provincial health agency, Cancer Care Ontario (now Ontario Health), where she was responsible for managing the legal and privacy teams and advising the executive team and board of directors on a wide range of high-risk matters. She was accountable for CCO’s complex and highly regulated privacy program, which protected some of the most comprehensive healthcare data sets in Canada, and she was considered instrumental to the success of numerous digital and technology initiatives. She then took that experience to the private sector to act as General Counsel and Head of Privacy for a healthtech start-up in the mental health space where she built out a legal and privacy function during a period of intense growth. 

Having now returned to private practice, Nadia works with clients in both the public and private sectors on a variety of privacy matters, such as privacy program development, risk assessments, policies and procedures, training, incident management and response, as well as access to information requests, and data sharing agreements. She also advises clients on various commercial matters, including contracts, board governance, and enterprise risk management. 

Clients appreciate that Nadia is strong at forging relationships, understanding organizational dynamics and providing advice that is practical, goal-oriented and of excellent quality. She approaches each matter with the highest integrity and insight. As a former in-house counsel, Nadia understands that legal issues are only one piece of a much bigger puzzle that decision-makers must manage.

Nadia was recognized by her peers for her expertise in Privacy and Data Security Law in the 2025 and 2026 editions of Best Lawyers in Canada.  She is a Certified Information Privacy Professional (Canada), issued by the International Association of Privacy Professionals (IAPP) and a member of the global IAPP Advisory Board (Training for Privacy and Data Protection).  Additionally, she has a Master of Laws in Privacy and Cybersecurity at Osgoode Hall Law School.  

Latest Insights

Overhead view of business people collaborating around a table with laptops, tablets, and financial documents. A digital security lock and binary code are overlaid.

Privacy and Cybersecurity

Data Privacy Day 2025: A Time to Reflect and Project

Read Now

Person reviewing a document on laptop. A checklist icon and speech bubbles indicate feedback and approval.

Privacy and Cybersecurity

You Are the Company You Keep: Managing Third Party Privacy Risk

Read Now

Person typing on a laptop at a table with a cup of coffee and a small plant.

Privacy and Cybersecurity

Bill 194, Part I: FIPPA Amendments

Read Now

Latest Insights

Overhead view of business people collaborating around a table with laptops, tablets, and financial documents. A digital security lock and binary code are overlaid.

Privacy and Cybersecurity

Data Privacy Day 2025: A Time to Reflect and Project

Read Now

Person reviewing a document on laptop. A checklist icon and speech bubbles indicate feedback and approval.

Privacy and Cybersecurity

You Are the Company You Keep: Managing Third Party Privacy Risk

Read Now

Person typing on a laptop at a table with a cup of coffee and a small plant.

Privacy and Cybersecurity

Bill 194, Part I: FIPPA Amendments

Read Now

Latest Insights

Overhead view of business people collaborating around a table with laptops, tablets, and financial documents. A digital security lock and binary code are overlaid.

Privacy and Cybersecurity

Data Privacy Day 2025: A Time to Reflect and Project

Read Now

Person reviewing a document on laptop. A checklist icon and speech bubbles indicate feedback and approval.

Privacy and Cybersecurity

You Are the Company You Keep: Managing Third Party Privacy Risk

Read Now

Person typing on a laptop at a table with a cup of coffee and a small plant.

Privacy and Cybersecurity

Bill 194, Part I: FIPPA Amendments

Read Now

Reach Out

Everyone at Lerners is committed to ensuring your matters are addressed with the attention and care you expect.

Reach Out

Everyone at Lerners is committed to ensuring your matters are addressed with the attention and care you expect.

Reach Out

Everyone at Lerners is committed to ensuring your matters are addressed with the attention and care you expect.