Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

BigID Data Sheet: LGPD Compliance Automated

497 views

Published on

LGPD Compliance Automated:

Brazil's Data Protection Law (Lei Geral de Proteção de Dados or LGPD) establishes both a new set of obligations for companies processing personal data or using the data to provide services in Brazil, as well as a comprehensive set of individual data rights that incorporate explicit consent for specific purposes of processing. At the same time, the law also expands the definition for what data should be protected, including categories of sensitive data that require stronger protection. BigID is the first product to apply identity intelligence and smart correlation to the new privacy protection challenges, enabling companies to prepare, operationalize and automate their path to LGPD compliance

Published in: Software
  • Be the first to comment

  • Be the first to like this

BigID Data Sheet: LGPD Compliance Automated

  1. 1. www.bigid.com • info@bigid.com • @bigidsecure Your Customers' Privacy, Protected! Data-driven Compliance Automation for Brazil LGPD LGPD Compliance Automated Brazil's Data Protection Law (Lei Geral de Proteção de Dados or LGPD) establishes both a new set of obligations for companies processing personal data or using the data to provide services in Brazil, as well as a comprehensive set of individual data rights that incorporate explicit consent for specific purposes of processing. At the same time, the law also expands the definition for what data should be protected, including categories of sensitive data that require stronger protection. BigID is the first product to apply identity intelligence and smart correlation to the new privacy protection challenges, enabling companies to prepare, operationalize and automate their path to LGPD compliance. ML Driven Personal Data Discovery Under Article 5 of LGPD, personal data is defined as "any personal information related to an identified or identifiable a natural person." Traditional approaches to data discovery have focused only on a subset of personally identifiable information (PII), not how specific data values are related to an individual or context informs classification. For data controllers, this new definition creates the challenge of finding and mapping every individual's personal data across petabytes of varied data stores. BigID uses innovative correlation and identity intelligence to establish how identifiable data relates to a data subject, helping to uncover “dark data” and infer via correlation which attributes are associated with data subjects - not just PII. BigID automates discovery personal information inventory from ongoing discovery and classification across enterprise infrastructure (cloud, on-prem, structured and un-structured data sources). Your Customers' Privacy, Protected! Data Subject Rights Data subject rights, including the right to access, deletion, modification, and elimination, are central to the requirements laid out in Chapter III of LGPD to ensure ownership of personal data. To address subject data rights like access or elimination with accuracy and operationalize requests at scale, controllers require the ability to maintain an index of the personal information they collect and process across all enterprise data sources. BigID delivers the data intelligence foundation to discover personal information across an enterprise, the index whose data it is and seamlessly operationalize privacy management processes. BigID provides a comprehensive consumer information report that incorporates where consumer information was found, how it is related to a data subject, what categories of data are collected, and can incorporate the assigned purpose for collection.
  2. 2. www.bigid.com • info@bigid.com • @bigidsecure Your Customers' Privacy, Protected! Consent Governance Under LGPD, user consent is one of the foundational conditions for processing personal data - and the onus is on the controller to demonstrate that consent was given in accordance with the law. The law stipulates that consent must be tied to a specific processing purpose and revoked at any time. By aggregating and correlating consent records to specific data subjects, BigID provides the foundation to address the purpose of consent. BigIDʼ s unique ability to associate granular data insights with a particular individual based on consent agreement parameters enables controllers to implement into a practical inspection and validation tool for how personal data is collected and processed in terms of consent obligations. The BigID consent management console delivers a consolidated view into consent collection, status and validity, structured by data individual data subject, and per application. BigID is redefining personal data protection and privacy in the enterprise. Organizations are facing record breaches of personal information and proliferating global privacy regulations, with fines reaching 4% of annual revenue. BigID gives enterprises software to automate the security and management of structured and unstructured PI across datacenters and cloud. Using BigID, enterprises can better steward their most vital assets: their customer, employee and client data. For more information, email info@bigid.com or schedule a demo at bigid.com/demo How BigID Can Help Your Customers' Privacy, Protected! The LGPD emphasizes that controllers should adhere to security, technical and administrative measures to protect personal data, and the "controller shall notify the supervisory authority and the data subject of the occurrence of any security incident that may result in any relevant risk or damage to the data subjects, " according to Article 48. Controllers are required to provide specific information about the impact of security incident to data privacy within a timeframe defined by the supervisory authority, which can then require public disclosure. Based on BigIDʼs mapping of personal data, security teams can better understand their data breach risk and orchestrate security controls through APIs such as encryption or de-identification. In the event of an incident or data breach, Security and IT can quickly scope the impact and understand which consumer identities and attributes have been impacted by a breach based on BigIDʼs inventory of personal data and consumer identity by data source. Data Breach Assessment Data-driven Compliance Automation for Brazil LGPD

×