Inspired by the European regulation (General Data Protection Regulation - GDPR), the Brazilian General Data Protection Act (in Portuguese, LGPD, Lei Geral de Proteção de Dados) establishes rules on the collection, handling, storage and sharing of personal data managed by organizations. The legislation is part of Brazil's progressive adaptation to the best global data management practices, and it covers all companies that offer services or have operations involving data handling in Brazil.
With the presidential approval, in August 2018, companies will have up to 18 months to adjust to the new rules. Companies that violate the new law will be subject to fines that can reach up to 2% of the organization's revenue, with a limit of R$50 million per violation.
In addition to securing individual rights, the LGPD aims to encourage the sustainable development of the economy and of businesses, based on the best international practices.
The LGPD establishes new compliance standards, and organizations can also leverage it to obtain a competitive advantage in the use of such data, with correct planning and the application of good privacy practices.
Deloitte has a multidisciplinary team to provide integrated solutions and support organizations in adapting to the new legislation, as well as in the resolution of possible incidents.
See examples of how Deloitte can help your business to address this challenge:
Deloitte Cyber, from the Risk Advisory area, has developed a six-step program to support companies in structuring and implementing a robust compliance plan for the LGPD and the GDPR:
While cybersecurity acts on prevention, the Deloitte Forensics front helps to reconstruct the facts and draw up effective measures in case of incidents in the digital environment, such as data leakage.