Glossary

    B

    A B C D E F G H I L M N O P R S U V W

    Brazil General Data Protection Law

    • Description: Brazil's General Data Protection Law (LGPD) creates rules for the collection, processing, and storage of the personal data of Brazilian residents.
    • Origin: Enacted on August 14, 2018; effective September 18, 2020.
    • Impacts Data Types: Personal identifiers and sensitive personal data, such as health information and racial or ethnic origin.
    • Examples: Customer names, biometric data, and health records.
    • Potential Fines: Fines up to 2% of revenue in Brazil, capped at R$50 million per infraction.

    Breach Readiness

    • Description: This refers to an organization's level of preparedness to respond effectively to data breaches through planning, training, and testing.
    • Origin: Strategic best practice; no formal enactment or enforcement date.
    • Impacts Data Types: All sets of sensitive data.
    • Examples: The creation of incident response plans and conducting tabletop exercises.
    • Potential Fines: Heightened exposure to GDPR and HIPAA penalties due to lack of readiness.
    A B C D E F G H I L M N O P R S U V W