Vanessa Henri

Vanessa Henri

Lawyer, Information Security Governance Committee Member, Fasken


I work with emerging growth organizations to help them articulate a data governance strategy taking into consideration data privacy, information security, intellectual property, and ethics. I bring value and a competitive edge to data-driven organizations by helping them to manage their legal risks, enhance consumers’ trust and fast-forward the adoption of disruptive technologies through trust-by-design. I have extensive experience negotiating and drafting tech agreements with data governance implications ( such as SaaS Agreements, Data Licensing, Cloud Computing Agreements, Terms of Services, MSAs, EULAs, Acceptable Use Policies, and Subcontractor Agreements), and enjoy working with entrepreneurs to build contractual structures that reflect their business strategies. I am fascinated by ethical innovation, the economic value of trust, and nurturing purpose-driven organizations.

Organizations reach out to me to understand the legal impacts of their strategy for managing and securing their information assets, which may include trade secrets, intellectual property, and personal information, and for advice on how to improve governance, risk management, and decision making regarding such informational assets. I also work with organizations on issues of economic cyber-espionage and national security impacts. The organizations I work with are principally in the sectors of Cybersecurity, InsurTech, FinTech, Critical Infrastructures, and Software Development, and I have experience with technologies such as cloud computing, edge computing, 5G, AI, quantum computing, self-driving cars, and blockchain.

I am a member of the Quebec Bar Association, a Certified Data Protection Officer (“CDPO”) and a Lead Implementor for ISO 27701 (Privacy Information Management System), with a proven track record of helping organizations of all sizes and industries implementing compliance measures for their informational assets, including through privacy-by-design in emerging technologies. I have experience deploying information management systems for organizations of all sizes by drafting policies, procedures and establishing risk management methodologies. I perform risk assessments and audits to prepare organizations for certification or for new compliance obligations, or for pre-market validation requirements.

I’ve recently been honored as part of Top 20 Cybersecurity Women Canada.