People must have control over their personal data and must understand the legal framework of digital businesses. This is because, unfortunately, users’ personal data are often illegally captured, which can compromise their privacy. This whole scenario led to the creation of the General Data Protection Regulation (GDPR) for the European Union, which came into force in May 2018, and now Brazil is preparing to adjust to the new law, very similar to the one that already exists in the Europe. After more than eight years of debates in civil society, Law 13.709 / 2018, the Brazilian Data Protection Law, arrives. The legislation (LGPD) was enacted on August 14, 2018 and is expected to come into effect, definitely, this year. In today’s article, we will know the main points of this legislation.
The holder of the data is the person that the law aims to protect and is the carrier of “personal data that are subject to treatment”, so that legal entities of a collective nature are excluded from the scope of the new law: this law is exclusively to protect people.
The concept of data processing is very important in this legislation and is defined as “any operation carried out with personal data, such as collecting, producing, receiving, classifying, using, accessing, reproducing, transmitting, archiving, storage, disposal, evaluation or control of information, modification, communication, transfer, diffusion or extraction”. This context is very broad and applies to all data processing operations carried out by an individual or collective person, both in the public sector and in the private sector. In order for the law to apply, this data processing must be carried out in Brazilian territory. In the case of foreign citizens, personal data are subject to the new law when they are collected in Brazil and when their treatment is intended to provide goods or services in Brazil.
Citizens will be able to require companies to delete their personal data, whenever requested by users. The new regulation allows the personal data of each citizen to be destroyed at his request.
Citizens may require companies to send their personal data in a format that allows them to be sent to another company, facilitating their migration and making it simpler to change service provision. Whenever a citizen changes banks or a television service provider, he or she will not have to provide his/her personal data again, as they can be easily migrated from one company to another.
Citizens will have full information about how companies treat their data, how they store it, how long they store it and with whom they share their information. The new law applies to all activities involving the use of personal data, including treatment over the internet.
Businesses and organizations have a duty to notify the competent authority in situations which put individuals at risk and to communicate to the citizen concerned all high-risk violations as quickly as possible so that appropriate action can be taken. In case of data leaks, the company must inform the competent authority (National Data Protection Authority, an indirect public administration body linked to the Ministry of Justice), which will be responsible for monitoring, implementing and enforcing the law , within a “reasonable period”.
In case of data leakage or any other violation of the law, fines may reach 2% of the billing, with a limit of R $50 million, and may also imply the suspension of the company’s activities.
Dealing with sensitive data is not easy. Theft of data and its consequent exposure can lead a business to bankruptcy. More than ever, companies are concerned with the protection of their information, as they know that data is extremely valuable today. The threats to data security are immense, so it is essential to ensure that we do everything to protect our organization’s most sensitive data. We leave in today’s article 4 essential tips for dealing with sensitive data!
Protecting data is essential, especially the most sensitive data. No business wants to see its data exposed, as such a situation can lead a business to bankruptcy. More than ever, companies are concerned about the security of their information as a result of the growing importance that data has gained in recent years. One of the most effective ways to protect confidential information is through data masking. Data masking aims at creating a structurally identical but not equal version of the data. This technique creates a database with fictitious but realistic information that can be used for testing and training purposes. Data masking solutions offer a variety of sophisticated scrambling techniques to protect sensitive data, irreversibly replacing it with unrealistic data while maintaining referential integrity of the database. It is therefore a real and growing need in contemporary organizations. In today’s article, we present the advantages of masking your data with Datapeers!
Today’s world is digital, so more and more companies are taking advantage of information and big data to gain relevant insights into markets and the business itself. Internet access is nowadays universal and the massive use of social media captures a huge volume of data. Data privacy is one of the key challenges facing companies today. There is a growing collection of user data, and more and more computer attacks that expose private data and cause huge financial losses to businesses. To combat these threats and to ensure that sensitive information remains private, several countries and regions have begun to implement measures to punish organizations that don’t safeguard information security. In today’s article, we will learn about the new data protection laws in the world!
GDPR fines are high and in case of default there is much more to lose than just money: reputation, good image with customers and trust by stakeholders is damaged and may even lead to the end of the business. Therefore, it is essential for companies to be able to protect their information at different stages of the data-processing process, and masking of data is increasingly becoming an alternative that companies use. In today’s article, let’s see how data masking can prevent GDPR fines!
Digital transformation is a reality in all areas. Technologies leverage a broad set of opportunities to satisfy diverse needs, optimizing available resources and reducing the risks associated with the use of technologies. The health sector is one of the sectors that most care must have in the processing of personal data, ensuring the privacy of patient data. With the entry into force of the new GDPR, the importance of protecting data in the health sector is even more evident. We discuss in this article the main implications of the treatment of personal data in the health sector.
The new general data protection regulation came into effect in May this year and despite all the information that has been generated around this new law, the truth is that many companies still feel lost and have not yet begun to protect their information. For this reason, we have prepared a definitive guide with all the information you need to know to protect your business under the new data protection law!
Business data is gaining increasing importance in companies, which makes managers pay increasing attention to the security of their information. Data protection laws (such as the GDPR in Portugal and the European Union and the LGPD in Brazil) reinforce the increasing need to protect the data that is generated daily. In today’s article we leave you 5 good reasons to invest in protecting your company’s data!
Masking the data has the main purpose of protecting confidential data against unauthorized access. In practice, data masking tools create a version similar to the original data in terms of structure but without revealing its true information. In fact, its original format remains unchanged but the data presented is fictitious. Masked data can be used in test and auditing environments without compromising the result of the analysis, but always ensuring the confidentiality of sensitive information. In a time when it is increasingly important to protect sensitive information, the use of data masking has increased significantly. In today’s article, we’ll introduce you to 5 reasons why your business starts using data masking right now!
The General Regulation on Data Protection entered into force with mandatory character in the European Union on May 25 and there are still some doubts regarding its scope of action. One of the most debated issues has been related to the DPO – Data Protection Officer – a figure that comes with the creation of this new legislation. In today’s article, we will address all issues related to the DPO, the new profession created by the GDPR!