AdvanBiz addresses the new LGPD (Brazilian version of the European GDPR – General Data Protection Regulation) with a pragmatic perspective by following a roadmap that covers the different corporate aspects in the process of seeking compliance for their clients.
In this context, human being is the transforming agent. He is the one who participates, who acts, who makes improvements, who ensures compliance and, subsequently, the maintenance of actions.
Our approach with our clients begins with a detailed presentation as well as the discussion of the LGPD in its various aspects, pointing out the consequences (including heavy fines) in case of non-compliance to the regulation.
Workshops break down barriers leading to a unique chain of thoughts and actions in a converging manner, raising awareness, engaging and seeking the spontaneously and collaboratively participation of all stakeholders in the future phases. It is important to note that this work does not end with the achievement of compliance! It is essential to repeat training in a regular manner, keeping the process active in order to ensure its continuity. A corporate culture of diligence for sensitive personal data (such as names, addresses, IDs/documents, gender, beliefs, etc.) and the obligation to keep them confidential must be widely disseminated and regularly enforced.
In the technical field, the use and mastery of appropriate tools and technologies for data lifecycle management is of fundamental importance. Due to the volume of data as well as the need for continuous and permanent monitoring, the manual execution of these processes is unfeasible, as it would require a huge effort of a team of professionals with different profiles for long periods. Additionally, there is always the risk of human failure, which would increase the risk of exposure to non-conformities.
Still in the technical sphere, protection against cyberattacks needs to be regularly reviewed and inspected and, if none existed, implemented and maintained. All levels of access, whether logical or physical, must be continuously tested and monitored by experienced and certified professionals, who should make use of robust, proven and up-to-date tools. Vulnerability testing services and SOC (Security Operation Center) managed services are equally essential.
As for the legal side, it is required a trained and prepared legal team to assist companies in reviewing and adjusting their processes and procedures, either with internal customers (in the various areas of the company), or with external customers (including suppliers), in order to ensure compliance with legal requirements and full compliance with them.
AdvanBiz has in its staff highly qualified professionals with legal and technological training, capable of delivering high quality services and solutions, aiming at the adaptation of its clients to the LGPD, which will come into force in August 2020.