PLC 53/2018, also known as the Personal Data Protection Act, was approved by the Federal Senate with the aim of guaranteeing security and privacy for those whose information is collected by companies and public bodies.
Inspired by European Union legislation on the subject, the law gives citizens more control over how companies and government institutions use their information in digital and analog media, and could profoundly affect the way we operate. Do you want to understand this subject better? Then read on!
What is the Personal Data Protection Act?
As we said, the Personal Data Protection Act is a Supplementary Bill that regulates how companies and the government can use their customers' personal information.
It involves all kinds of sensitive information that is collected for commercial purposes or in the public interest, i.e. that is treated differently. This includes, but is not limited to, items such as:
- data on racial or ethnic origin;
- religious convictions;
- name,
- political opinions.
What does this law change?
The text of the Personal Data Protection Act is divided into 10 chapters and 65 articles. It covers any company or public body that has operations in Brazilian territory and requires users to give their consent for their information to be handled. If this is a condition for using the service, the user must be clearly informed.
It also defines the scenarios in which the processing of information may take place, including the following:
- sharing information for the implementation of public policies;
- credit protection;
- defining consumption profiles;
- claims in judicial, administrative or arbitration proceedings;
- studies carried out by research bodies (as long as the information does not allow the individual to be identified).
What are the penalties for companies that don't adapt to the law?
In fact, PLC 53/2018 brings harsh penalties for companies that are not in line with the new legislation. Punishments can range from warnings to daily fines of R$50 million. In addition, in some cases, the entity or company may have its actions involving data processing partially or totally interrupted.
How important is data security in this scenario?
Data security has undoubtedly become one of the main points of attention for businesses in recent years. And with the Personal Data Protection Act, this aspect of IT security management processes has become even more important.
To align with PLC 53/2018, the company can implement different information protection solutions, such as those that work with factors such as:
- preventing attacks;
- the identification of risks;
- controlling access to information;
- the data life cycle.
Together, they give the business the support it needs to align itself with local legislation and have an action plan against attacks. This way, it can operate with a more robust and reliable infrastructure.
Given all this, the Personal Data Protection Act should be seen by companies as an opportunity to improve their business infrastructure.
With it, businesses will have a more solid basis for defining work routines, mitigating risks and guaranteeing more quality for their IT processes, without customer information being exposed to third parties. This even applies to cloud computing environments!
So, did you like our article? Now, how about delving deeper into this subject? Also check out how to protect yourself in the cloud!
Leave a comment
See also:
iT.eam Copyright 2024 - Todos os direitos reservados.
Acesse nossa Política de Segurança da Informação. | Acesse nossa Política de Privacidade da Informação. | Acesse nossa Política Antissuborno e Anticorrupção. | Canal de Ética
