Lei Geral de Proteção de Dados Pessoais (LGPD)
Wiping & Encryption Compliance for the Lei Geral de Proteção de Dados Pessoais (LGPD) in Brazil
Strengthening Brazilian Cybersecurity with Wiping & Encryption for LGPD Compliance
The Lei Geral de Proteção de Dados Pessoais (LGPD) is a Brazilian legislation, translated as the General Law for the Protection of Personal Data. Inspired by GDPR in the EU, the LGPD has many similarities to the European regulation. The LGPD was introduced in August 2018 and the sanctions will be effective from August 1, 2021. A robust and effective approach incorporates both data wiping and encryption.
LGPD Data Wiping
- The LGPD addresses data wiping under the ‘Right to Erasure,’ as stated in Articles 5, 16 and 18.
- LGPD’s ‘Right to Erasure‘ mandates data deletion when it is excessive, unnecessary or collected unlawfully, and requires data to be erased upon request if consent was the basis for collection.
- To help your organization with LGPD compliance, we offer BCWipe to wipe selected files and folders and BCWipe Total WipeOut to erase entire hard drives.
LGPD Encryption
- LGPD defines personal data as information linked to an identifiable person. Article 12 states:
“Anonymized data shall not be considered personal data, for purposes of this Law“ - One of the most effective ways of anonymizing personal information is by using encryption.
- To help your organization with LGPD compliance, we offer BestCrypt Container Encryption to safeguard files and folders and BestCrypt Volume Encryption to protect entire hard drives.
With Jetico, You Can
To help your organization with LGPD compliance, we offer data wiping and encryption solutions:
Need Help with LGPD Compliance?
Our data protection experts are here for you.
About LGPD Compliance
The Lei Geral de Proteção de Dados Pessoais (LGPD) is Brazil’s General Data Protection Law that aims to safeguard the privacy of Brazilian citizens by regulating personal data processing. The National Data Protection Agency (ANPD) is responsible for enforcing the law and ensuring compliance across sectors.
The LGPD requires compliance for people, businesses, public institutions and charities that process the data of Brazilian citizens, wherever they are based. The regulation applies to people and organizations that are processing:
- Personal data in Brazil
- Personal data that was collected in Brazil
- Personal data to offer goods or services in Brazil
Part of the LGPD regulation is the ‘Right to Erasure’, which is very similar to GDPR’s ‘Right to be Forgotten‘. This control is split into two sections, with the first part outlining that data must be deleted if it is excessive, unnecessary or unlawful. The second section requires data to be deleted on request if it has been collected based on consent.
Be sure to check out our other blogs covering compliance strategies and best practices, and learn how to meet the data wiping guidelines of the LGPD law.
News & Blogs
Stay updated with the latest news, insights, trends and expert tips on data protection and cybersecurity
Check back here regularly for news and blogs