In order to protect individuals from having their data processed exposed without their authorization, violating privacy and intimacy, the General Data Protection Law - LGPD, inspired by the European Data Protection Regulation, was prepared. The LGPD applies to both physical and digital files.
The LGPD - Law No. 13,709 of 2018 provides for provisions regarding the processing of sensitive personal data, which are those on racial or ethnic origin, religious belief, political opinion, union membership or organization of a religious, philosophical or political character , data related to health or sexual life, genetic or biometric data, when linked to a natural person.
Know more: what is an IT tech?
Data processing agents must adopt security, technical and administrative measures to protect personal data from unauthorized access and from accidental or unlawful situations of destruction, loss, alteration, communication or any form of improper or unlawful treatment. It should be noted that the company will be penalized if data leakage occurs, even if accidental.
Given the above, the importance of adopting information security and cybersecurity in companies is perceived, considering that the occurrence of cyber attacks has been increasing. The organization must seek to ensure information security, map all information and data that is stored, verify the existence of sensitive data, which require specific treatment, guide its employees with regard to data and information protection and care to the use the network.