Legal Guidance and Research / Experts / Justine Naessens
Justine Naessens#12243

Justine Naessens

Jones Day
Justine Naessens advises clients on EU and national regulatory matters in the life sciences area, including biotechnology, pharmaceuticals, medical devices, and food and cosmetics.

Justine assists companies in the entire lifecycle of products from early development stages to manufacturing, marketing, post-marketing, and pricing and reimbursement issues, as well as in M&A and other corporate transactions. Justine often assists clients in connection with regulatory matters involving the use of digital technologies in the health care sector, such as the classification of software as a medical device, the use of artificial intelligence (AI) in product development, and associated privacy (General Data Protection Regulation [GDPR]) requirements.

Practice Area

Panel

  • Contributing Author

Qualifications

  • Bachelor in Law (Ghent University) (2018)
  • Master in Law (Ghent University) (2020)
  • LLM in Technology, Media and Telecommunications and in Intellectual Property Law (Queen Mary University of London) (2021)

Education

  • University of Ghent (2020)
  • University of Bologna (2019)
  • Queen Mary University of London (2021)

2 Contributions by Justine Naessens

EU and UK GDPR for Life Sciences: clinical trials, special category data, research, governance, transfers and sanctions; DUAA 2025–26, EHDS, Data Act and EU AI Act
PRACTICE NOTES
EU and UK GDPR for Life Sciences: clinical trials, special category data, research, governance, transfers and sanctions; DUAA 2025–26, EHDS, Data Act and EU AI Act
General Data Protection Regulation (EU GDPR) and UK GDPR The General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR), became enforceable across the EEA (which then included the UK) on 25 May 2018. Life sciences organisations frequently collect and/or process substantial amounts of personal information, including health-related data, about individuals (or ‘data subjects’) such as patients and clinical trial participants. As a result, the relevance of the EU GDPR and the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR) (which applies after the UK’s withdrawal from the EU) for life sciences companies cannot be underestimated. Assimilated law is the term used for retained EU law (REUL) that remains operative after the end of 2023. The reclassification of REUL (and related terminology) as assimilated law marks a change in its status and handling under UK law, in that it is generally to be interpreted according to ordinary domestic legal principles. From 1 January 2024, REUL is ‘assimilated’ into domestic law because it is, in most cases, stripped of EU-derived interpretative effects (for example, the supremacy of EU law, directly effective rights, and general principles previously retained under the European Union (Withdrawal) Act 2018). For further information, see Practice Note: Assimilated law and...
Life Sciences
EU GDPR in the life sciences: health data, research, consent, pseudonymisation, compliance, transfers, and interplay with pharmacovigilance, MDR/IVDR, EHDS, the Data Act and the AI Act
PRACTICE NOTES
EU GDPR in the life sciences: health data, research, consent, pseudonymisation, compliance, transfers, and interplay with pharmacovigilance, MDR/IVDR, EHDS, the Data Act and the AI Act
The General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) The General Data Protection Regulation (Regulation (EU) 2016/679, the EU GDPR) has applied across the EEA since 25 May 2018. Organisations in the life sciences gather and/or handle volumes of personal information, including health data, relating to individuals (the ‘data subjects’), notably patients and participants in clinical trials. As such, the relevance of the EU GDPR to life sciences businesses is considerable. This Practice Note outlines elements within the EU GDPR framework that have a direct bearing on life sciences companies and their operations. It is not an exhaustive treatment of the EU GDPR and should be read alongside the following Practice Notes: Data protection principles; Processing personal data—standard of consent; and Processing personal data—obtaining, recording and managing consent. For further detail on how clinical trials interface with data protection rules, see Practice Note: Conducting clinical research—data protection implications. Note, this Practice Note addresses provisions of the EU GDPR that apply in EEA countries at the supranational level only—consult guidance from the competent national data protection authorities and domestic legislation for the approach in any given EEA jurisdiction. For a primer on the EU GDPR framework, bringing together key practical...
EU Law
Expert page AD
If you expected to see yourself on this page, click here.