Roy Wyman

Member

Nashville

(615) 742-6220

VCARD

Roy Wyman

Member

Nashville

(615) 742-6220

roy.wyman@bassberry.com

https://www.bassberry.com/professionals/wyman-roy/

For 30 years, Roy Wyman has represented a variety of commercial entities on complex data privacy and security matters and related regulatory concerns. He counsels in-house legal departments, c-suites, boards of directors and IT teams as they navigate data privacy and cybersecurity issues arising under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), General Data Protection Regulation (EU GDPR), Telephone Consumer Protection Act (TCPA), CAN-SPAM Act, state privacy laws like California Privacy Rights Act (CPRA) and other related statutes.

In addition to his practice focus on data privacy and security matters, Roy has extensive experience counseling clients working in and with the healthcare industry through regulatory and transactional matters, including Stark Law and Anti-Kickback Statute and other wide-ranging compliance matters.

Prior to joining Bass, Berry & Sims, Roy chaired the Privacy & Security Industry Group at Nelson Mullins LLP. He also previously served as the Chief Privacy Officer and Associate General Counsel of Regulatory for TeamHealth, Inc., one of the nation’s largest physician staffing companies. He also served as senior legal counsel for CVS Caremark Corp, leading in operational and regulatory matters for certain divisions of CVS Health, including as primary counsel for MinuteClinic retail and for CVS’s disease management, medical/pharmacy software and claims management subsidiaries.

Memberships

International Association of Privacy Professionals

American Bar Association — Health Law Section

American Health Law Association (AHLA)

Wild Heart Meditation Center — Director

Representative Experience
Publications
Media Mentions & Firm News
Accolades

The Legal 500 United States — Healthcare Service Providers (2020)

Financial Times North America Innovative Lawyers — New Products and Services (2019)

Related Services
Related Industires
Education
  • University of Michigan Law School - J.D., 1993
  • Wheaton College - B.A., 1986
Admissions
  • Tennessee, 2015
  • North Carolina, 1995

For 30 years, Roy Wyman has represented a variety of commercial entities on complex data privacy and security matters and related regulatory concerns. He counsels in-house legal departments, c-suites, boards of directors and IT teams as they navigate data privacy and cybersecurity issues arising under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), General Data Protection Regulation (EU GDPR), Telephone Consumer Protection Act (TCPA), CAN-SPAM Act, state privacy laws like California Privacy Rights Act (CPRA) and other related statutes.

In addition to his practice focus on data privacy and security matters, Roy has extensive experience counseling clients working in and with the healthcare industry through regulatory and transactional matters, including Stark Law and Anti-Kickback Statute and other wide-ranging compliance matters.

Prior to joining Bass, Berry & Sims, Roy chaired the Privacy & Security Industry Group at Nelson Mullins LLP. He also previously served as the Chief Privacy Officer and Associate General Counsel of Regulatory for TeamHealth, Inc., one of the nation’s largest physician staffing companies. He also served as senior legal counsel for CVS Caremark Corp, leading in operational and regulatory matters for certain divisions of CVS Health, including as primary counsel for MinuteClinic retail and for CVS’s disease management, medical/pharmacy software and claims management subsidiaries.

Memberships

International Association of Privacy Professionals

American Bar Association — Health Law Section

American Health Law Association (AHLA)

Wild Heart Meditation Center — Director

Representative Experience
Publications
Past Events
Media Mentions & Firm News
Additional News & Insights

Publications

  • “You Can’t Get There from Here: Did the EU Just Outlaw Almost All Transfers of Personal Data to the U.S.?,” (co-author) DRI’s For the Defense (December 2020)
  • “Can HIPAA be Saved? The Continuing Relevance and Evolution of Healthcare Privacy and Security Standards,” (author) American Bar Association’s The Health Lawyer (August 31, 2020)
  • “Navigating the Risks of New Healthcare Technologies,” (author) Nashville Medical News (July 2019)
  • “Blockchain Meets Healthcare: Understanding the Business Model and Implementing Initiatives,” (co-author) ACC Docket (August 28, 2017)
  • “Hot Takes and Predictions For Healthcare in 2017,” Physicians Practice (March 3, 2017)
  • “Blockchain In Healthcare: An Executive Update,” (co-author) Health IT Outcomes (February 15, 2017)
  • “How Can Healthcare Technology Contribute to Care Coordination,” Healthcare Innovation News (2016)
  • “The Federal Vision for Healthcare IT: A Dystopian Paradise,” TechCrunch (2015)

Presentations

  • “From Data Mapping to Surviving Ransomware Attacks” (speaker) Association of Corporate Counsel Tennessee Chapter (November 4, 2021)
  • SCCE’s Tampa Regional Compliance & Ethics Conference: Global Cybersecurity & Privacy 2021 – (speaker) (April 23, 2021)
  • “The New Reality in Health Care,” (speaker) American Bankruptcy Institute Health Care Program (March 5, 2020)
  • 2020 HCCA Board & Audit Committee Compliance Conference (speaker) (February 24-25, 2020)
  • “Data Compliance: Getting the Most Out of Data – Legally,” (panelist) Association of Corporate Counsel Tennessee Chapter (September 25, 2019)
  • “Proven in the Breach: Stories of How to Prepare for, and Survive, Data Attacks,” (speaker) Association of Corporate Counsel North Florida Chapter (August 6, 2018)
  • “How to Inoculate Your Organization Against Cyberattacks,” (panelist) BDO’s 2017 Year-End Accounting and Tax Update (December 5, 2017)
  • “Legal Issues in Blockchain,” (speaker) Health Tech Net (September 15, 2017)
  • “Using Risk Assessments to Attack the Common Breach,” NCHICA’s 13th AMC Security & Privacy Conference (June 12, 2017)
  • “Ensuring Privacy and Mitigating Cyber Risks in the Cloud and the Internet of Things,” HealthIMPACT East (June 5, 2017)
  • “Securing Healthcare: Balancing Compliance, Security and Information Access,” (panelist) Technology Association of Georgia (July 14, 2016)
  • “Technology, Information, and the Future of Legal Practice,” Middle Tennessee Paralegal Association (April 21, 2016)
  • “Health-y Apps; Trends and Regulatory Environment,” Health TechNet (April 15, 2016)
  • “Facebook v. Jefferson, How our Emerging, Networked Society Undermines Ideas of Security and Privacy,” South Carolina Law Review Symposium (February 4, 2016)
Accolades

The Legal 500 United States — Healthcare Service Providers (2020)

Financial Times North America Innovative Lawyers — New Products and Services (2019)