Joseph Dickinson
Shareholder, Nexsen Pruet, PLLC
Joe is Of Counsel in our Raleigh office where his practice focuses on information governance, data use, privacy, and cybersecurity. With more than 30 years of practice in the industry, his background in technology and cybersecurity is marked by numerous achievements, having successfully advised and guided clients around the country through the intricate landscape of data protection regulations and risk mitigation strategies. A recognized thought leader on data privacy, cybersecurity, and healthcare topics. Joe is Certified in Healthcare Privacy Compliance (CHPC®).
He advises and defends clients faced with state, federal, and foreign governmental agency enforcement and compliance investigations, leads data breach response and data privacy/security risk assessments, information security compliance audits, and cyber investigations, including managing third-party forensic investigations. Joe also has led diligence efforts on all levels of business transactions that have identified and managed data-related issues having 7-figure potential impacts for buyers, sellers, investors, and insurers.
Joe?s experience covers multiple privacy and security issues facing entities in the private and public sectors. He has worked with clients in the development of data privacy and cybersecurity programs, global data breach response, cross-border data transfers, HIPAA, GDPR, GLB, security breach notification law compliance, and the cybersecurity and privacy issues related to government contracting. He regularly drafts and reviews technology licenses and transfer agreements, contracts involving data sharing, data flows, and management of the related legal risks and obligations, intellectual property and information technology, governmental privacy-related investigations, and corporate internal investigations. Joe also advises clients on the legal issues related to IoT risks, cloud services, AI, and big data analytics. He evaluates the software development process, privacy by design, and counsels clients on responding to software audit requests.
Joe has spent more than 15 years in general counsel and in-house roles and is known for understanding the issues clients face and working closely with each client to build tailored programs, policies and procedures appropriate for real-world problem solving for various businesses and industries regardless of their current stage of development.
PRACTICE AREAS
· Data Privacy and Security
· Intellectual Property
· Commercial
· Health Care
· Litigation
· White-Collar Defense and Investigations
4350 Lassiter at North Hills Ave., Suite 240 Raleigh, NC 27608 kaufCAN.com T (984) 222.8100 F (888) 360.9092 1 of 3
REPRESENTATIVE MATTERS
· Advised a private equity fund and its healthcare solutions portfolio company in the acquisition of a consulting, and data management company
· Has lead the privacy and cyber security diligence efforts on multiple multi-million dollar transactions
· Managed a global data breach involving 27 countries and more than 500 data servers
· Lead the response teams for hundreds of national and international data incidents and breaches
· Leads engagements for breach analysis, notification obligations, incident investigations, and regulatory compliance
· Coordinates forensic investigations
· Leads post-breach privacy and security gap remediation
· Oversees the buy-side and sell-side privacy/cybersecurity due diligence efforts for multi-million-dollar transactions
· Leads incident response preparations and tabletop exercises
· Develops and leads privileged forensic investigations, vulnerability assessments, and compliance reviews
RECOGNITION AND HONORS
· Certified in Health Care Privacy Compliance (CHPC®)
ASSOCIATIONS
· North Carolina Technology Association; Board of Advisors
· Duke Law Center for Judicial Studies - North Carolina Thought Leadership Committee; Member
· International Association of Privacy Professionals; Member
· Health Care Compliance Association; Member
· University HealthSystem Consortium; Data Privacy and Security Committee
· Center for Cybersecurity and Privacy Protection; National Advisory Board
· Center for Health Law & Policy; Advisory Council
· The Sedona Conference®; Member, Working Group Series Program, Data Security and Privacy Liability - Working Group 11; Member
· American Health Lawyers Association
· Association of Corporate Counsel, Northeast Ohio Chapter
· North Carolina Bar Association, Privacy & Data Security Section
· Cleveland Metropolitan Bar Association, Healthcare Practice Group
· Ohio State Bar Association
· American Bar Association
· National Asian Pacific American Bar Association American Bar Association
ADMISSIONS
· North Carolina
· Ohio
· United States District Court, Ohio
EDUCATION
· Malone University; B.A., 1989
· Cleveland State University Cleveland-Marshall College of Law; J.D., cum laude, 1993
PRESS & PUBLICATIONS
· Attorney at Law Magazine: Managing a Client?s Cybersecurity Risk
· Speaker, ?Like Healthcare Providers, Credit Unions are High Priority Targets for Hackers?, Carolinas Credit Union League (CCUL), LAUNCH 2023
· Speaker, ?Information Blocking: Chaos, Confusion, and Non-Compliance?, American Health Law Association (AHLA), Physicians and Hospitals Law Institute, January 2023
· Speaker, ?Data Privacy & Security Ethics?, 21st Annual Maynard Nexsen In-House Counsel Ethics CLE, October 2022
· Speaker, ?The Privacy Mindset of the U.S. v. EU: Implications for U.S. Businesses in a Post-COVID Era?, Federal Bar Association Annual Meeting& Convention, September 2022
4350 Lassiter at North Hills Ave., Suite 240 Raleigh, NC 27608 kaufCAN.com T (984) 222.8100 F (888) 360.9092 2 of 3
PRESS & PUBLICATIONS (CONT.)
· Speaker, To Infinity and Beyond: Coordinating Incident Response Obligations?HIPAA, State Law, International Law, and Beyond, American Health Law Association Fraud & Compliance Forum, September 2022
· Webinar Panelist, ?Cybersecurity in the Age of COVID-19,? Curi ? A Medical Mutual Co. Webinar, December 8, 2020
· Presenter, ?GDPR/Data Privacy,? NCACPA 81st Annual Virtual Conference, November 18, 2020
· Presenter, ?Incident Response,? NCACPA 81st Annual Virtual Conference, November 16, 2020
· Co-Panelist, ?Health Care Sector Deep Dive,? Cleveland-Marshall College of Law Cybersecurity & Privacy Protection Virtual Conference 2020, September 18, 2020
· Webinar, Co-Presenter, ?Managing Remote Access & Incident Response Remotely Workshop,? NC TECH Webinar in Partnership with TCDI, June 17, 2020
· Co-Presenter, ?Cyber Security,? NCACPA?s Business & Industry Spring Conference, May 20, 2020
· Co-Presenter, ?The Role of Cyber-Insurance,? WSJ Pro Cybersecurity Symposium, March 9, 2020
· Co-Presenter, ?Data Privacy, Cybersecurity, & HIPAA for Practitioners,? NCACPA?s 80th Annual Symposium, November 19, 2019
· Co-Presenter, ?Cyber Security and Health Care Privacy,? HCCA 2019 Healthcare Enforcement Conference, November 3, 2019
· Panelist, ?Cybersecurity Panel Discussion,? Total Computer Solutions, Greensboro, N.C., October 17, 2019
· Panelist, ?Pathways to Employment in International Law,? Duke University School of Law, September 25, 2019
· Speaker, ?Overview of Data Privacy/Cybersecurity and Practical Implications,? CED Accelerate Series, Research Triangle Park, N.C., June 25, 2019
· Co-Speaker, ?What Do Carnegie Hall and Good Security Incident Response Plans Have in Common?? HCCA?s 23rd Annual Compliance Institute, April 8, 2019
· Panelist, ?General Data Protection Regulation (GDPR) ? Info and Impacts,? Visit North Carolina 365 Conference, April 1, 2019
He advises and defends clients faced with state, federal, and foreign governmental agency enforcement and compliance investigations, leads data breach response and data privacy/security risk assessments, information security compliance audits, and cyber investigations, including managing third-party forensic investigations. Joe also has led diligence efforts on all levels of business transactions that have identified and managed data-related issues having 7-figure potential impacts for buyers, sellers, investors, and insurers.
Joe?s experience covers multiple privacy and security issues facing entities in the private and public sectors. He has worked with clients in the development of data privacy and cybersecurity programs, global data breach response, cross-border data transfers, HIPAA, GDPR, GLB, security breach notification law compliance, and the cybersecurity and privacy issues related to government contracting. He regularly drafts and reviews technology licenses and transfer agreements, contracts involving data sharing, data flows, and management of the related legal risks and obligations, intellectual property and information technology, governmental privacy-related investigations, and corporate internal investigations. Joe also advises clients on the legal issues related to IoT risks, cloud services, AI, and big data analytics. He evaluates the software development process, privacy by design, and counsels clients on responding to software audit requests.
Joe has spent more than 15 years in general counsel and in-house roles and is known for understanding the issues clients face and working closely with each client to build tailored programs, policies and procedures appropriate for real-world problem solving for various businesses and industries regardless of their current stage of development.
PRACTICE AREAS
· Data Privacy and Security
· Intellectual Property
· Commercial
· Health Care
· Litigation
· White-Collar Defense and Investigations
4350 Lassiter at North Hills Ave., Suite 240 Raleigh, NC 27608 kaufCAN.com T (984) 222.8100 F (888) 360.9092 1 of 3
REPRESENTATIVE MATTERS
· Advised a private equity fund and its healthcare solutions portfolio company in the acquisition of a consulting, and data management company
· Has lead the privacy and cyber security diligence efforts on multiple multi-million dollar transactions
· Managed a global data breach involving 27 countries and more than 500 data servers
· Lead the response teams for hundreds of national and international data incidents and breaches
· Leads engagements for breach analysis, notification obligations, incident investigations, and regulatory compliance
· Coordinates forensic investigations
· Leads post-breach privacy and security gap remediation
· Oversees the buy-side and sell-side privacy/cybersecurity due diligence efforts for multi-million-dollar transactions
· Leads incident response preparations and tabletop exercises
· Develops and leads privileged forensic investigations, vulnerability assessments, and compliance reviews
RECOGNITION AND HONORS
· Certified in Health Care Privacy Compliance (CHPC®)
ASSOCIATIONS
· North Carolina Technology Association; Board of Advisors
· Duke Law Center for Judicial Studies - North Carolina Thought Leadership Committee; Member
· International Association of Privacy Professionals; Member
· Health Care Compliance Association; Member
· University HealthSystem Consortium; Data Privacy and Security Committee
· Center for Cybersecurity and Privacy Protection; National Advisory Board
· Center for Health Law & Policy; Advisory Council
· The Sedona Conference®; Member, Working Group Series Program, Data Security and Privacy Liability - Working Group 11; Member
· American Health Lawyers Association
· Association of Corporate Counsel, Northeast Ohio Chapter
· North Carolina Bar Association, Privacy & Data Security Section
· Cleveland Metropolitan Bar Association, Healthcare Practice Group
· Ohio State Bar Association
· American Bar Association
· National Asian Pacific American Bar Association American Bar Association
ADMISSIONS
· North Carolina
· Ohio
· United States District Court, Ohio
EDUCATION
· Malone University; B.A., 1989
· Cleveland State University Cleveland-Marshall College of Law; J.D., cum laude, 1993
PRESS & PUBLICATIONS
· Attorney at Law Magazine: Managing a Client?s Cybersecurity Risk
· Speaker, ?Like Healthcare Providers, Credit Unions are High Priority Targets for Hackers?, Carolinas Credit Union League (CCUL), LAUNCH 2023
· Speaker, ?Information Blocking: Chaos, Confusion, and Non-Compliance?, American Health Law Association (AHLA), Physicians and Hospitals Law Institute, January 2023
· Speaker, ?Data Privacy & Security Ethics?, 21st Annual Maynard Nexsen In-House Counsel Ethics CLE, October 2022
· Speaker, ?The Privacy Mindset of the U.S. v. EU: Implications for U.S. Businesses in a Post-COVID Era?, Federal Bar Association Annual Meeting& Convention, September 2022
4350 Lassiter at North Hills Ave., Suite 240 Raleigh, NC 27608 kaufCAN.com T (984) 222.8100 F (888) 360.9092 2 of 3
PRESS & PUBLICATIONS (CONT.)
· Speaker, To Infinity and Beyond: Coordinating Incident Response Obligations?HIPAA, State Law, International Law, and Beyond, American Health Law Association Fraud & Compliance Forum, September 2022
· Webinar Panelist, ?Cybersecurity in the Age of COVID-19,? Curi ? A Medical Mutual Co. Webinar, December 8, 2020
· Presenter, ?GDPR/Data Privacy,? NCACPA 81st Annual Virtual Conference, November 18, 2020
· Presenter, ?Incident Response,? NCACPA 81st Annual Virtual Conference, November 16, 2020
· Co-Panelist, ?Health Care Sector Deep Dive,? Cleveland-Marshall College of Law Cybersecurity & Privacy Protection Virtual Conference 2020, September 18, 2020
· Webinar, Co-Presenter, ?Managing Remote Access & Incident Response Remotely Workshop,? NC TECH Webinar in Partnership with TCDI, June 17, 2020
· Co-Presenter, ?Cyber Security,? NCACPA?s Business & Industry Spring Conference, May 20, 2020
· Co-Presenter, ?The Role of Cyber-Insurance,? WSJ Pro Cybersecurity Symposium, March 9, 2020
· Co-Presenter, ?Data Privacy, Cybersecurity, & HIPAA for Practitioners,? NCACPA?s 80th Annual Symposium, November 19, 2019
· Co-Presenter, ?Cyber Security and Health Care Privacy,? HCCA 2019 Healthcare Enforcement Conference, November 3, 2019
· Panelist, ?Cybersecurity Panel Discussion,? Total Computer Solutions, Greensboro, N.C., October 17, 2019
· Panelist, ?Pathways to Employment in International Law,? Duke University School of Law, September 25, 2019
· Speaker, ?Overview of Data Privacy/Cybersecurity and Practical Implications,? CED Accelerate Series, Research Triangle Park, N.C., June 25, 2019
· Co-Speaker, ?What Do Carnegie Hall and Good Security Incident Response Plans Have in Common?? HCCA?s 23rd Annual Compliance Institute, April 8, 2019
· Panelist, ?General Data Protection Regulation (GDPR) ? Info and Impacts,? Visit North Carolina 365 Conference, April 1, 2019