THE BRAZILIAN GENERAL DATA PROTECTION LAW (LGPD)
LGPD aligns with the existing legislation to the new international standard set by the EU’s General Data Protection Regulation (GDPR). LGPD will have extraterritorial application, the duty of compliance will exceed the geographical limits of Brazil, therefore, any foreign company that has at least a branch in Brazil or offers services to the Brazilian market and collects and treats personal data of data subjects located in the country, regardless of the nationality, will be subject to the new law.
Data management, data cataloguing and data lineage play a vital role in LGPD by understanding the data, its purpose for use and the mapping of its flow within an organisation, full transparency is available on who, why, when and how it is used. Solidatus helps to build a digital dashboard demonstrating to managers and the regulators on how personal data is being used, enabling the right to access to data, rectification, cancellation or exclusion, opposition to treatment, right to information and explanation about the use of data.
A significant additional right of LGPD is the ‘right to data portability’, the right allows a data subject not only to request an entire copy of their data but also to have them provided in an interoperable format. This right will require significant IT investment from Organisations to achieve, utilising Solidatus the complexity, costs and time to compliance are significantly reduced.
Solidatus for LGPD
Using Solidatus, an organisation can gain valuable insight into their data landscape. The tool enables an organisation to discover, document, catalogue, visualise and analyse their data and its lineage to understand what data they hold, what type of data they have, who uses it for what purpose and how it moves through their systems.
The Solidatus Data Privacy Module provides a digitised version of LGPD that enables an organisation to directly link regulatory clauses against their processes, the people that interact with them and the data that is generated and utilised by them. The Solidatus Data Privacy Module also allows organisations to track changes in the regulation over time to automatically assess impact of regulatory change. It also allows businesses to create a common taxonomy of several Data Privacy Regulations such as GDPR, CCPA, LGPD, etc to allow for simplification of implementation and reuse of regulatory work product. Organisations can additionally compare privacy regulations across several dimensions including, scope, jurisdiction.
Demonstrate PIA risk
Visualise and map Metadata
Proactive approach to compliance
principles for the processing of personal data
percent of the company's, group's or conglomerate's turnover in Brazil in its last fiscal year
(fifty million reais) per infraction
Becomes law February 2020
Accelerate your GDPR Compliance