Legal Guidance and Research / Experts / Lucie Fournier
Lucie Fournier#12594

Lucie Fournier

Jones Day
Lucie Fournier advises clients on European data protection, privacy, and cybersecurity laws. She works closely with multinational organizations in various industry sectors, including the life sciences and health care sector.
 
Lucie assists biotechnology, pharmaceutical and medical devices’ companies on European data protection laws, including the General Data Protection Regulation (GDPR) and UK GDPR. She regularly advises cutting-edge technology clients on global data protection compliance projects, informed consent forms, data processing agreements, international data transfers, data merging and portability schemes and data protection impact assessments.
 
Lucie also advises life sciences and healthcare clients on data protection and cybersecurity issues in cross-border M&A transactions.

Practice Area

Panel

  • Contributing Author

Qualified Year

  • 2019

Experience

  • Paris, US Law Firm (2018 - 2018)
  • UK multinational company for Defense, Aerospace, and Cybersecurity (2016 - 2017)

Membership

  • Paris and Brussels Bar

Qualifications

  • Bar Exam (CAPA) (2019)
  • LL.M in International Commercial Law (2014)
  • Master in Law (2013)
  • Bachelor in Law (2011)

Education

  • Toulouse Bar School (France) (2019)
  • Dundee University (United Kingdom) (2014)
  • Pau University (France) (2008-2013)

1 Contributions by Lucie Fournier

EU and UK GDPR for Life Sciences: clinical trials, special category data, research, governance, transfers and sanctions; DUAA 2025–26, EHDS, Data Act and EU AI Act
PRACTICE NOTES
EU and UK GDPR for Life Sciences: clinical trials, special category data, research, governance, transfers and sanctions; DUAA 2025–26, EHDS, Data Act and EU AI Act
General Data Protection Regulation (EU GDPR) and UK GDPR The General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR), became enforceable across the EEA (which then included the UK) on 25 May 2018. Life sciences organisations frequently collect and/or process substantial amounts of personal information, including health-related data, about individuals (or ‘data subjects’) such as patients and clinical trial participants. As a result, the relevance of the EU GDPR and the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR) (which applies after the UK’s withdrawal from the EU) for life sciences companies cannot be underestimated. Assimilated law is the term used for retained EU law (REUL) that remains operative after the end of 2023. The reclassification of REUL (and related terminology) as assimilated law marks a change in its status and handling under UK law, in that it is generally to be interpreted according to ordinary domestic legal principles. From 1 January 2024, REUL is ‘assimilated’ into domestic law because it is, in most cases, stripped of EU-derived interpretative effects (for example, the supremacy of EU law, directly effective rights, and general principles previously retained under the European Union (Withdrawal) Act 2018). For further information, see Practice Note: Assimilated law and...
Life Sciences
Expert page AD
If you expected to see yourself on this page, click here.