Ilya Smith serves as a trusted advisor to foundations and nonprofits on a variety of governance, grantmaking, and charitable gifts matters and assists clients implement comprehensive privacy and data protection practices.
Ilya’s clients appreciate her expansive transactional, regulatory compliance, and program-building experience as a former in-house attorney, Chief Compliance Officer and Chief Privacy Officer at nonprofit and Fortune 100 corporations. Ilya intuitively understands mission-based governance and risk management strategies and effectively partners with clients to drive outcomes while managing risks. Ilya has a distinctive ability to quarterback cross-functional legal strategies and regulatory compliance imperatives to support business objectives. Ilya is adept at navigating organizational interdependencies when assisting clients to operationalize regulatory compliance programs, policy, and best practices.
Ilya’s tax-exempt organization practice includes advising clients in the full breadth of activities supporting an organization’s charitable purposes. Ilya assists private foundations and nonprofits address the entire continuum of their legal needs including grantmaking, bylaws, policies and best practice implementation, and unrelated business taxable income issues. From incorporating new nonprofit organizations, preparing exemption applications for filing with the IRS to drafting grantmaking instruments, Ilya regularly assists nonprofit organizations with governance and the total breadth of nonprofit operational matters.
Ilya’s privacy compliance practice includes assisting clients in privacy and data security matters throughout the data lifecycle. Ilya’s privacy practice is grounded in delivering privacy by design solutions to clients and assisting clients responsibly process data. Her privacy-focused transactional practice spans a wide variety of agreements including complex technology and software licensing agreements involving the collection and processing of data and personally identifiable information and the ownership and use of client data. Ilya’s approach to helping clients steward the personal information of their constituents emphasizes plain language, transparency and easy-to-execute processes providing data subjects opportunities to exercise their privacy rights.
State Bar Licenses
- Successfully managed three class action lawsuits following a major, enterprise-wide security incident while advising client on the implementation of proactive risk mitigation strategies contributing to a favorable settlement with plaintiffs and recognition by regulators of best in class incident response and vendor management programs.*
- Effectively managed a cross-functional team to perform enterprise-wide GDPR gap assessments and designed and implemented policies, processes, notices, and consent frameworks for clients in the clinical research, health services, education services, and professional services industries.
- Designed and implemented inaugural Privacy Program and Privacy and Data Governance frameworks fora major public R1 research Higher Education Institution.
- Successfully negotiated hundreds of negotiations with client vendors leading to robust Privacy and Cyber Security protections of client data and the inclusion of terms transferring risks to vendors.
*Experience completed prior to joining Clark Hill.