ANPD publishes information security guide for small businesses to comply with the LGPD

Camila Vieira Guimarães
Lawyer at Marcos Martins Advogados

On October 4, the National Data Protection Agency (ANPD) published a guide to adapting to the General Data Protection Law (LGPD) for micro-enterprises, small businesses and startups. Considered to be organizations with simpler structures, they often don’t have staff specialized in information technology to properly handle the personal data involved in business operations.

The guide proposes information security measures aimed at safeguarding personal data processed by small businesses, such as implementing an information security policy, albeit simplified, containing the flow of personal data processed, raising awareness and training staff and signing confidentiality agreements both with internal employees and with clients, suppliers and partners.

The guide comes with a checklist for the organization’s internal control.

Since August 1, 2021, companies that process personal data at any level and in any segment are subject to inspection. Fines can reach up to 2% of the company’s turnover, limited to R$50 million per infraction.

Access the guide and checklist here.

Marcos Martins Advogados is available to find strategic solutions for your needs, with a specialized team to adapt your company to the LGPD.

Any questions? Talk to our lawyers and receive guidance.

Share on social media