The protection of personal data is a topic that is expanding into ever larger spaces. This issue is debated by legislators, members of the judiciary, specialized professionals and the sectors responsible for regulatory standards.
In this way, the most recent drafts of general data protection laws have already been discussed in various forums, with public hearings and consultations.
A huge amount of information is created every day in the business world, and it passes through public and private networks.
Meanwhile, regulatory standards are emerging to keep up with the ever-increasing demand for protection and privacy. They also think about the proper storage of organizational information.
There are currently several regulatory standards/legislations around the world that require data protection. The main regulatory standards in the global industry include:
- SOX(Sarbanes Oxley): American law that aims to guarantee the creation of reliable auditing and security mechanisms in companies. In it, data protection is included in sections 302 and 404.
- ISO 27001: Information security management standard widely used in the market. For this regulatory standard, one of the important requirements is data protection.
- Data Protection Act (DPA): UK legislation on data protection.
- Marco Civil da Internet: Law that regulates the use of the internet in Brazil, where it is necessary to guarantee the protection of personal data.
- General Data Protection Regulation (GDPR): European law that regulates data protection and comes into force in 2018.
These are just a few examples of regulatory standards that are increasing the quest for data protection. With corporate data assets on the rise, companies are increasingly creating strategies to preserve customer and product data.
For example, imagine if customer data was leaked to the competition. This would affect the organization and customers, resulting in financial loss, loss of trust, lawsuits, as well as various other problems.
What can I do to protect my data?
Jaime Muñoz, director for Latin America at Boldon James, says that it is necessary to bear in mind several factors that contribute to guaranteeing data protection.
In addition, mechanisms and processes must be put in place that can guarantee knowledge of the level of sensitivity of information, its degree of confidentiality and how it can be transmitted inside and outside the company.
“The Brazilian market has stood out in the company’s global expansion strategy, with multinational clients with a strong presence in Brazil who have managed to increase their data protection capacity in a global scenario of Big Data explosion and constant volatile threats.
Organizations are looking to protect their critical information, and one of the biggest risks is the accidental loss of data within the organization itself,” explains Munõz.
Finally, regulatory standards push companies to adopt policies to protect their customers’ data.
Data security administrators should discuss with their colleagues how to put this into practice, as it is not always trivial or even easy to implement the requirements of these standards.
Certainly, the new technologies available, processes and people are key elements in this process.
A Eval está há mais de 18 anos desenvolvendo projetos nos segmentos financeiro, saúde, educação e indústria. Desde 2004, oferecemos soluções de Autenticação, Assinatura Eletrônica e Digital e Proteção de Dados. Atualmente, estamos presentes nos principais bancos brasileiros, instituições de saúde, escolas e universidades, além de diferentes indústrias.
Com valor reconhecido pelo mercado, as soluções e serviços da Eval atendem aos mais altos padrões regulatórios das organizações públicas e privadas, tais como o SBIS, ITI, PCI DSS, e a LGPD. Na prática, promovemos a segurança da informação e o compliance, o aumento da eficiência operacional das empresas, além da redução de custos.
Inove agora, lidere sempre: conheça as soluções e serviços da Eval e leve sua empresa para o próximo nível.
Eval, segurança é valor.