Today's society is already considered informational and with the popularization of the internet, the advancement of Artificial Intelligence and Big Data, the amount of data created and stored is growing exponentially, making the protection of personal data increasingly important. In this context, it is understood that the main objective of LGPD is to ensure that the processing of personal information is designed to protect individuals, protecting values such as freedom and privacy.
That being the case, LGPD - General Data Protection Law, presents major challenges to all organizations, including the health sector, since they use a variety of sensitive information from customers, employees and suppliers. Healthcare companies, such as clinics and hospitals, are among the most impacted by LGPD, due to the volume of sensitive data generated daily, such as personal data, requested exams, exam results, medical history, and others.
Since the LGPD has wide and general applicability, simple access to personal data is already considered as a treatment step. For this reason, specialists recommend, for example, the use of a document signed by patients with their consent to use their data, describing the history of the processing of the information, as well as its respective steps, starting with the collection of the data until its storage.
Specifically to the health sector, LGPD will have a significant impact on the way in which health institutions handle patient data. Each one must find the best way to implement the LGPD, assuring patients and others involved the protection of their data. In parallel, they need to find appropriate methods for data subjects to access their data. It also highlights the importance of internal training to train employees on action plans, with the objective of a change in organizational culture to comply with data protection compliance and the right to confidentiality and privacy of patients and those involved.
There are many compliance obligations imposed by LGPD and the health area will be one of the most impacted. That is why the importance of programs of compliance that help in the implementation of actions aimed at the adoption of a culture of privacy and information security. In Brazil, LGPD requires regulation based on the particularities of each sector, and the ANPD, the supervisory body responsible for the application of administrative sanctions, plays a fundamental role in monitoring the law in organizations.
Contact TATICCA — ALLINIAL GLOBAL, which has a qualified and experienced multidisciplinary team, tools and methodology to implement LGPD in an objective and assertive manner, with: guidance and training, diagnosis, analysis of employee contracts, analysis of supplier contracts, analysis of internal policies, analysis of contracts for the provision of service or sale of products, adaptation of contracts in accordance with LGPD, data mapping, implementation of the service channel, drafting of a privacy policy, pre-formatted documentation with all the requirements of LGPD.
