Brazil enacted a comprehensive general data protection law, the "Lei Geral de proteção de Dados" (LGPD), in August 2018. After some initial delays, the LGPD is set to come into effect on August 15, 2020. The LGPD was tailored after the European Union's General Data Protection Regulation (GDPR). It will supplement, but not replace, existing data privacy laws in Brazil.
The LGPD creates a new legal framework for the use of personal data processed on or related to individuals (data subjects) in Brazil, regardless of where the data processor is located. The LGPD also applies to organizations that intend to offer good or services to individuals in Brazil.
The LGPD provides data subjects with rights similar to those afforded under the GDPR, including the right to:
The LGPD created a new National Data Protection Authority, the Autoridade Nacional de Proteção de Dados (ANPD), to oversee and enforce the requirements of the new law. The LGPD prescribes hefty fines for violations, including fines of up to 2% of a company's sales revenue and 50 million Brazilian Real per violation (1 Brazilian Real = 0.20 United States Dollars as of 3/23/2020).
Although the LGPD largely mirrors the GDPA, there are some differences. Organizations with operations in Brazil should carefully review the new requirements, review and update their data inventories completed for GDPR and other privacy laws, update their privacy impact assessments, and implement a LGPD compliance program to ensure that they can, among other things, provide these new rights to individuals in Brazil and maintain an agile data subject consent management system.
CENTRL's Privacy360 (LGPD Edition) provides an out of the box application tailored to the requirements of the LGPD. It is the most advanced integrated privacy management platform that offers distinct modules that allow organizations to comply to multiple privacy regulations.
By using CENTRL's Privacy360, your organization can easily manage a multitude of templates, checklists and questionnaires while providing the control to monitor, evaluate and create audit reports allowing you to focus on the results instead of the process.