What You Need to Know about Brazil’s New Personal Data Protection Regulation Now
Updated March 17, 2020
The implementation of the EU’s General Data Protection Regulation (GDPR) unleashed a wave of new privacy legislation across the world, spreading across the Atlantic to Brazil. On August 14, 2018, the Brazilian Federal Senate signed the Brazilian Personal Data Protection Regulation, referred to as the “LGPD” (derived from its Portuguese title), into law. On July 8, 2019, the final version of the LGDP was approved by current Brazilian President Jair Bolsonaro. The LGPD bears resemblance to the GDPR, though it is lighter and broader in scope.
The LGPD was set to take effect in February 2020, but this deadline was extended another six months to August 16, 2020, giving both Brazilian policy makers and companies operating in Brazil a little more time to prepare for implementation. This post aims to provide organizations with insights into the key elements of the law, including the scope, legal bases for processing, key implementation factors, and penalties for non-compliance.
Cookies and Compliance: How Key Data Privacy Regulations Impact Cookie Management
Using online cookies has become ubiquitous among organizations across all industries due to their ability to enhance and simplify user experience and to inform the business on its client base. However, since cookies allow businesses to track, store, and share user behavior, cookies are now the source of privacy concerns for consumers and security and compliance risks for businesses.
A recent study by Cisco found that over 84% of global consumers want more control over how their data is being used. This call for increased privacy rights and digital transparency has motivated privacy regulations like the GDPR and the CCPA to target cookie use to address the risks associated with cookies and data protection.
Privileged Account Onboarding: Are You Asking the Right Questions?
In 2020, there are a host of privileged access management (PAM) tools available, each with their own set of cool features. But the success of your PAM solution implementation isn’t solely reliant on the PAM provider you choose, but also on how your organization defines and views PAM. Regardless of which PAM platform(s) your organization chooses to deploy, there are many factors to consider when establishing deployment deadlines. Those factors include:
What does the term “privileged account” mean in my organization? Is that definition consistent across all business units with privileged accounts?
How many privileged accounts exist in the enterprise environment? Do you know? How confident are you in that number?
How will this tool impact day-to-day activities?
Do I have leadership buy-in for the implementation of this tool?
What if I lose access to this tool? Are there tested/effective break-glass procedures?
In this post, we will look at how to define PAM within your business, how to identify and categorize privileged accounts, how to prioritize privileged accounts, and how to build your roadmap to PAM success.