Faculty Profile: Justin Joy

Justin Joy is a shareholder in the Memphis office of the law firm Lewis Thomason, PC.  He leads Lewis Thomason’s cybersecurity practice group and is the firm’s privacy officer.  He provides counsel to clients in a variety of industries in the area of information privacy and cybersecurity including incident investigation and breach response management, regulatory compliance, privacy and security policy review and drafting, and cyber risk management.  Specifically in the area of healthcare, Mr. Joy counsels regulated entities on a variety of matters pertaining to HIPAA Privacy Rule, Security Rule, and Breach Notification Rule compliance.  Mr. Joy speaks frequently to various groups and organizations on the topic of information privacy and cybersecurity.  In addition to HIPAA, he also advises healthcare organizations regarding a number of regulatory matters and represents healthcare professionals and entities in state and federal investigations.

Mr. Joy also regularly represents businesses and individuals in a variety of litigation matters including professional liability claims, insurance coverage disputes, business torts, and commercial disputes.  In addition, Mr. Joy frequently advises business clients regarding a range of governance, operational and strategic matters.

He is a Certified Information Privacy Professional/US (CIPP/US) and a Certified Information Privacy Technologist (CIPT) through the International Association of Privacy Professionals.  Justin speaks frequently to groups and organizations on the topic of information privacy and cybersecurity at a variety of events.  He is a 2001 graduate of Wake Forest University and holds a law and MBA degree from the University of Memphis.