02C-LGPD modeled after GDPR and implemented many similar requirements

Who is impacted?

Any organization or business that processes the personal data of people in Brazil, regardless of where that business or organization itself might be located, is subject to the Brazilian General Data Protection Law or LGPD.

Key Takeaways:

LGPD modeled itself after GDPR and implemented many of the same requirements

: Organizations must always maintain and protect data and quickly report breaches.

Penalties

LGPD fines are 2% of global revenue or $13.5 million USD per infraction

Additional GDPR mandates

Organizations of any size must appoint a Data Protection Officer responsible for implementing best practices
Organizations must implement technical and administrative procedures to protect data from breach
Data must be destroyed within the four walls of an organization as LGPD explicitly requires organizations always maintain control of their dataIndividuals have the right to request their data is properly deleted (LGPD Article 7)
Organizations, businesses, and controllers of data must communicate and report a data breach in a reasonable time period (LGPD Article 48)

White Paper | May 2020 QUICK LINKS:

GDPR

|

NIST

|

LGPD

|

CCPA

SHARE THIS WHITE PAPER

To meet United States and International regulations, TechR2 is recognized for compliance with GDPR, NIST and all governmental regulations concerning data destruction. | Copyright ©2020. Tear-A-Byte® is a registered trademark of TechR2.

Contact TechR2

Learn about Tear-A-Byte®

Schedule an Overview