Faculty Profile: Justin Joy

Justin Joy is a shareholder in the Memphis office of the law firm Lewis Thomason, PC. He leads Lewis Thomason’s Data Security, Artificial Intelligence, and Information Governance practice group and is the firm’s privacy officer. He provides counsel to clients in a number of business sectors in the area of information privacy, data security, and governance, including incident investigation and breach response management, regulatory compliance, privacy and security policy review and drafting, responsible use of artificial intelligence, and cyber risk management. Specifically in the area of healthcare, Justin counsels covered entities and business associates on a variety of matters pertaining to HIPAA Privacy Rule, Security Rule, and Breach Notification Rule compliance. He also defends regulated clients in investigations arising from privacy and security incidents. 

Justin also regularly represents businesses and individuals in a variety of litigation matters, including professional liability claims, insurance coverage disputes, business torts, and commercial disputes. In addition, Justin frequently advises business clients regarding a range of governance, operational, and strategic matters.

Justin is a certified Artificial Intelligence Governance Professional (AIGP), Information Privacy Professional/US (CIPP/US), and Information Privacy Technologist (CIPT) through the IAPP, formerly known as the International Association of Privacy Professionals. He is also a Certified Information Security Manager (CISM) through ISACA, an international association credentialing professionals in the digital trust fields such as information security, governance, assurance, risk, privacy, and quality.