Roy Wyman

Member

Nashville

(615) 742-6220

VCARD
Roy Wyman

Roy Wyman

Member

Nashville

(615) 742-6220

roy.wyman@bassberry.com

https://www.bassberry.com/professionals/wyman-roy/

For 30 years, Roy Wyman has represented a variety of commercial entities on complex data privacy and security matters and related regulatory concerns. He counsels in-house legal departments, c-suites, boards of directors and IT teams as they navigate data privacy and cybersecurity issues arising under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), General Data Protection Regulation (EU GDPR), Telephone Consumer Protection Act (TCPA), CAN-SPAM Act, state privacy laws like California Privacy Rights Act (CPRA) and other related statutes.

In addition to his practice focus on data privacy and security matters, Roy has extensive experience counseling clients working in and with the healthcare industry through regulatory and transactional matters, including Stark Law and Anti-Kickback Statute and other wide-ranging compliance matters.

Prior to joining Bass, Berry & Sims, Roy chaired the Privacy & Security Industry Group at Nelson Mullins LLP. He also previously served as the Chief Privacy Officer and Associate General Counsel of Regulatory for TeamHealth, Inc., one of the nation’s largest physician staffing companies. He also served as senior legal counsel for CVS Caremark Corp, leading in operational and regulatory matters for certain divisions of CVS Health, including as primary counsel for MinuteClinic retail and for CVS’s disease management, medical/pharmacy software and claims management subsidiaries.

Memberships

International Association of Privacy Professionals

American Bar Association — Health Law Section

American Health Law Association (AHLA)

Wild Heart Meditation Center — Director

Memberships

International Association of Privacy Professionals

American Bar Association — Health Law Section

American Health Law Association (AHLA)

Wild Heart Meditation Center — Director

Representative Experience
Representative Experience
Publications
  • Alex Davenport and Roy Wyman Explore Legal and Regulatory Developments Involving Tracking Technologies
    March 19, 2025 | Cybersecurity Law Report
  • 2025 Healthcare Private Equity Outlook & Trends
    January 10, 2025 | Firm Publication
  • New Year, New Privacy Laws!
    January 9, 2025 | Firm Publication
Past Events
Media Mentions & Firm News
Additional News & Insights

Publications

  • “You Can’t Get There from Here: Did the EU Just Outlaw Almost All Transfers of Personal Data to the U.S.?,” (co-author) DRI’s For the Defense (December 2020)
  • “Can HIPAA be Saved? The Continuing Relevance and Evolution of Healthcare Privacy and Security Standards,” (author) American Bar Association’s The Health Lawyer (August 31, 2020)
  • “Navigating the Risks of New Healthcare Technologies,” (author) Nashville Medical News (July 2019)
  • “Blockchain Meets Healthcare: Understanding the Business Model and Implementing Initiatives,” (co-author) ACC Docket (August 28, 2017)
  • “Hot Takes and Predictions For Healthcare in 2017,” Physicians Practice (March 3, 2017)
  • “Blockchain In Healthcare: An Executive Update,” (co-author) Health IT Outcomes (February 15, 2017)
  • “How Can Healthcare Technology Contribute to Care Coordination,” Healthcare Innovation News (2016)
  • “The Federal Vision for Healthcare IT: A Dystopian Paradise,” TechCrunch (2015)

Presentations

  • “From Data Mapping to Surviving Ransomware Attacks” (speaker) Association of Corporate Counsel Tennessee Chapter (November 4, 2021)
  • SCCE’s Tampa Regional Compliance & Ethics Conference: Global Cybersecurity & Privacy 2021 – (speaker) (April 23, 2021)
  • “The New Reality in Health Care,” (speaker) American Bankruptcy Institute Health Care Program (March 5, 2020)
  • 2020 HCCA Board & Audit Committee Compliance Conference (speaker) (February 24-25, 2020)
  • “Data Compliance: Getting the Most Out of Data – Legally,” (panelist) Association of Corporate Counsel Tennessee Chapter (September 25, 2019)
  • “Proven in the Breach: Stories of How to Prepare for, and Survive, Data Attacks,” (speaker) Association of Corporate Counsel North Florida Chapter (August 6, 2018)
  • “How to Inoculate Your Organization Against Cyberattacks,” (panelist) BDO’s 2017 Year-End Accounting and Tax Update (December 5, 2017)
  • “Legal Issues in Blockchain,” (speaker) Health Tech Net (September 15, 2017)
  • “Using Risk Assessments to Attack the Common Breach,” NCHICA’s 13th AMC Security & Privacy Conference (June 12, 2017)
  • “Ensuring Privacy and Mitigating Cyber Risks in the Cloud and the Internet of Things,” HealthIMPACT East (June 5, 2017)
  • “Securing Healthcare: Balancing Compliance, Security and Information Access,” (panelist) Technology Association of Georgia (July 14, 2016)
  • “Technology, Information, and the Future of Legal Practice,” Middle Tennessee Paralegal Association (April 21, 2016)
  • “Health-y Apps; Trends and Regulatory Environment,” Health TechNet (April 15, 2016)
  • “Facebook v. Jefferson, How our Emerging, Networked Society Undermines Ideas of Security and Privacy,” South Carolina Law Review Symposium (February 4, 2016)
Publications
  • Alex Davenport and Roy Wyman Explore Legal and Regulatory Developments Involving Tracking Technologies
    March 19, 2025 | Cybersecurity Law Report
  • 2025 Healthcare Private Equity Outlook & Trends
    January 10, 2025 | Firm Publication
  • New Year, New Privacy Laws!
    January 9, 2025 | Firm Publication
  • How Can Healthcare Providers Respond to Online Patient Reviews Without Violating HIPAA?
    October 9, 2024 | Firm Publication
  • Rhode Island Passes Data Transparency and Privacy Protection Act
    July 17, 2024 | Firm Publication
  • Skol, Vikings: Minnesota Enhances Consumer Data Protections
    June 11, 2024 | Firm Publication
  • Maryland Lands On Novel Data Privacy Scheme
    May 23, 2024 | Firm Publication
  • The Deadline is Approaching Fast on New Data Privacy Laws
    May 6, 2024 | Firm Publication
  • Hüskers Dü Privacy
    April 24, 2024 | Firm Publication
  • Kentucky Gallops into the Privacy Race: Kentucky’s New Consumer Data Privacy Law
    April 15, 2024 | Firm Publication
  • AI a Target of California Regulation Drafting
    March 21, 2024 | Firm Publication
  • Don’t Roll the Dice on Health Data Compliance: Nevada’s Consumer Health Data Law Takes Effect on March 31, 2024
    March 20, 2024 | Firm Publication
  • New Hampshire Comprehensive Privacy Bill Signed into Law
    March 13, 2024 | Firm Publication
  • Closing the Privacy Gap: Understanding the Nuances and Heightened Risk of Washington’s My Health My Data Act
    February 2, 2024 | Firm Publication
  • 2024’s New Data Privacy Requirements
    January 29, 2024 | Firm Publication
  • 2024 Healthcare Private Equity Outlook & Trends
    January 8, 2024 | Firm Publication
  • Roy Wyman Examines Adoption and Use of AI in Healthcare Delivery
    December 1, 2023 | Health Law Connections
  • India Enacts a Comprehensive Data Privacy Law: The Digital Personal Data Protection Act
    October 16, 2023 | Firm Publication
  • Attorneys Compare State Data Privacy Rules for Corporate Compliance Insights Article
    October 10, 2023 | Corporate Compliance Insights
  • Delaware Makes a Baker’s Dozen: Delaware Becomes the Thirteenth State to Enact a Comprehensive Consumer Data Privacy Law
    September 18, 2023 | Firm Publication
  • Oregon Becomes Twelfth State to Enact a Comprehensive Consumer Privacy Law
    August 15, 2023 | Firm Publication
  • Texas Data Privacy and Security Act Goes Into Effect with Impact Far Beyond Its Borders
    June 22, 2023 | Firm Publication
  • Florida Added to Growing List of New Comprehensive Consumer Privacy Laws
    June 12, 2023 | Firm Publication
  • Montana Legislature Passes Comprehensive Consumer Data Privacy Bill
    May 9, 2023 | Firm Publication
  • Tennessee Information Protection Act Approved by Lawmakers
    April 28, 2023 | Firm Publication
  • Indiana Consumer Privacy Law
    April 26, 2023 | Firm Publication
  • Attorneys Examine Impact of FTC’s Settlements Involving Health Breach Notification Rule
    April 20, 2023 | Fierce Healthcare
  • Iowa Governor Signs Data Privacy Act into Law
    March 29, 2023 | Firm Publication
  • CPRA Readiness: Audits, Assessments, and Automated Decision-Making
    February 10, 2023 | Firm Publication
  • New Year, New Versions of the Colorado Privacy Act Draft Regulations
    January 31, 2023 | Firm Publication
  • CPRA Draft Regulations – Next Round(s)
    November 9, 2022 | Firm Publication
  • Colorado Attorney General Releases Colorado Privacy Act Draft Regulations
    October 12, 2022 | Firm Publication
  • Roy Wyman Authors Article Suggesting that A Federal Data Privacy Law is the Disaster We Urgently Need
    August 25, 2022 | Law360
  • American Data Privacy and Protection Act – Could a Federal Privacy Law be on the Horizon?
    June 21, 2022 | Firm Publication
  • Connecticut Governor Signs Data Privacy Act into Law
    May 18, 2022 | Firm Publication
Media Mentions & Firm News
Accolades

The Legal 500 United States — Healthcare Service Providers (2020)

Financial Times North America Innovative Lawyers — New Products and Services (2019)

Accolades

The Legal 500 United States — Healthcare Service Providers (2020)

Financial Times North America Innovative Lawyers — New Products and Services (2019)