To support companies in the prevention and management of incidents involving personal data, IAB Brazil launched the "Guide to Security Incidents with Personal Data". The guide, that meets the needs of various members, was developed by the Working Group on Legal Affairs and, besides, counted on the participation and involvement of representatives from various companies. The material presents guidelines for incident response, assisting organizations in complying with the General Data Protection Law (LGPD) and strengthening their privacy governance.
In light of the growing digitalization of businesses and the increasing challenges related to information security, the guide details the best practices for preventing and mitigating risks. The document clarifies the role of data processing agents – drivers, operators and supervisors – and guides on the classification of incidents according to impact and risk level
The guide also explains the mandatory communication protocols, including notification to the National Data Protection Authority (ANPD) and to the data subjects, in high-risk cases. IAB Brazil developed a step-by-step guide for the proper reporting of occurrences within a period of three business days, as provided for in the current legislation
Information security is an essential pillar for building digital trust. We developed this guide with the aim of empowering companies and professionals to respond appropriately and efficiently in the event of security incidents, ensuring transparency and damage mitigation, says Denise Porto Hruby, CEO of IAB Brazil
Available for download on the IAB Brazil website, the material can be accessedhere.
