Joseph Dickinson Photo

Joseph A. Dickinson, CHPC®



Joe is a seasoned data use, privacy, and cybersecurity lawyer with more than 30 years of business and legal experience advising technology and healthcare companies and government entities. He helps clients identify their data privacy and cybersecurity risks and design, implement, and manage programs and policies that minimize those risks.

Joe also assists clients with data breach response and conducts data privacy assessments, information security compliance audits, and cyber investigations, including managing third-party forensic investigations. He defends clients against state and federal governmental agency enforcement investigations.

He has assisted clients with the development of data privacy and cybersecurity programs, global data breach response, cross-border data transfers, HIPAA, GDPR, CAN-SPAM, and CCPA compliance, technology licensing and transfer agreements, contracts involving data flows and management of the related legal risks and obligations, intellectual property and information technology, governmental privacy-related investigations, and internal investigations related to corporate compliance. Joe works closely with each client to build tailored programs and policies appropriate for the business, industry, and stage of development. He also assists with IoT risks, cloud services, and big data analytics. Joe’s practice also includes evaluating the software development process, privacy by design, counseling clients on responding to software audit requests and advising on the risks associated with the use of the Internet across international jurisdictions.

Prior to joining Michael Best, Joe led the Data Use, Privacy, and Security practice of a major Research Triangle business law firm. Before transitioning back to private practice, he spent multiple years in-house as Chief Privacy and Chief Information Security Officer for a large Midwest academic medical system. He also managed the legal issues associated with global data sharing for a Big 4 accounting/consulting firm. With a background that spans both business and law, Joe has a firsthand understanding of the challenges his clients face and he is able to quickly create and operationalize data privacy and security programs for real world applications.

Joe is Certified in Healthcare Privacy Compliance (CHPC®), and is a recognized thought leader on data privacy, cybersecurity, and healthcare topics. He has presented at some of the nation’s most prestigious technology and healthcare conferences. Joe is also an active member of several key technology, legal, and healthcare-based industry associations.


  • Advised a private equity fund and its healthcare solutions portfolio company in the acquisition of consulting, and data management company.
  • Managed a global data breach involving 27 countries and more than 500 data servers.
  • Lead the response teams for hundreds of national and international data incidents and breaches.
  • Leads engagements for breach analysis, notification obligations, incident investigations, and regulatory compliance.
  • Coordinates forensic investigations.
  • Leads post-breach privacy and security gap remediation.
  • Oversees the buy-side and sell-side privacy/cybersecurity due diligence efforts for multi-million-dollar transactions.
  • Leads incident response preparations and tabletop exercises.
  • Develops and leads privileged forensic investigations, vulnerability assessments, and compliance reviews.
  • Assesses and operationalizes international data processing and data transfer protocols.

Professional Activities

  • Board of Advisors, North Carolina Technology Association
  • Member, Duke Law Center for Judicial Studies - North Carolina Thought Leadership Committee
  • Member, International Association of Privacy Professionals
  • Member, Health Care Compliance Association
    • Certified in Health Care Privacy Compliance (CHPC®)
  • Data Privacy and Security Committee, University HealthSystem Consortium
  • Cleveland-Marshall College of Law
    • National Advisory Board, Center for Cybersecurity and Privacy Protection
    • Advisory Council, Center for Health Law & Policy
  • The Sedona Conference®
  • Working Group Series Program, Data Security and Privacy Liability - Working Group 11
  • Member, American Health Lawyers Association
  • Member, Association of Corporate Counsel, Northeast Ohio Chapter
  • Member, North Carolina Bar Association, Privacy & Data Security Section
  • Member, Cleveland Metropolitan Bar Association, Healthcare Practice Group
  • Member, Ohio State Bar Association
  • Member, American Bar Association
  • Member, National Asian Pacific American Bar Association


Bar Admissions

Court Admission


Bar Admissions

Court Admission

back to top