Justin Joy is a shareholder in the Memphis office of the Lewis Thomason law firm. He also serves as the firm’s privacy officer. In addition to a range of experience in litigation and business law matters, Justin heads up Lewis Thomason’s Data Security, Artificial Intelligence, and Information Governance practice group. He provides counsel to clients in a number of business sectors in the area of information privacy, data security, and governance including incident investigation and breach response management, regulatory compliance, privacy and security policy review and drafting, responsible use of artificial intelligence, and cyber risk management. Specifically in the area of healthcare, Justin counsels covered entities and business associates on a variety of matters pertaining to HIPAA Privacy Rule, Security Rule, and Breach Notification Rule compliance. He also defends regulated clients in investigations arising from privacy and security incidents.

Justin is a certified Artificial Intelligence Governance Professional (AIGP), Information Privacy Professional/US (CIPP/US), and Information Privacy Technologist (CIPT) through the IAPP, formerly known as the International Association of Privacy Professionals. He is also a Certified Information Security Manager (CISM) through ISACA, an international association credentialing professionals in the digital trust fields such as information security, governance, assurance, risk, privacy and quality