Follow on Google News
Economic sectors that process large volumes of data need to pay the utmost attention to information security. For credit protection service companies, high and growing investments in information security are part of their daily routine.
Credit protection service databases around the world were created to process personal and company data. In Brazil, credit bureaus process around 150 million individuals' and companies' data, using only the information necessary for the legitimate purpose of providing credit assessment and in an environment of total information security.
Thanks to its high investment in innovation and the adoption of strict information security policies, the sector has a very low incident rate. And as it has always been committed to promoting the proper handling of data, it was already applying the strict principles of the General Personal Data Protection Law (LGPD) even before it came into force.
In drafting the LGPD, provision was made for ten principles for data processing: purpose; adequacy; necessity; free access; data quality; transparency; security; prevention; non-discrimination; accountability and responsibility. In this article, I analyze the principles of prevention and security as a way of protecting the personal information available in credit bureau databases.
The safety principle leads the sector to make efforts to mitigate the risks of This is essential in a context of growing cyber attacks in all sectors of the economy. With the pandemic, the use of technology has increased, even for audiences unfamiliar with it. Investing in information technology and improving internal data access policies minimizes the risk of fraud/ improper access/ information leakage.
For principle of prevention, which is related to security, the LGPD establishes that measures must be adopted to prevent damage from occurring as a result of the processing of personal data, which the sector uses for credit protection and fraud prevention purposes.
To get an idea of how crucial data security is for any business, it's worth looking at the results of the Data Privacy Benchmark Study 2020, The survey was carried out by Cisco in 13 countries with more than 2,800 security professionals in organizations of various sizes. The survey showed the benefits obtained by companies that have already adopted practices to reduce risks related to data security.
The study indicated that organizations received, on average, benefits equivalent to 2.7 times the investment they made, and more than 40% report benefits that are at least double what they spent on data protection.
Focus on structuring the ANPD
The LGPD came into force without the National Personal Data Protection Authority (ANPD) being in place. And although the Presidency of the Republic has appointed the five members of the ANPD's Board of Directors and they have already been heard and approved by the Federal Senate, the entire structuring of the ANPD, including the choice of the members of the ANPD's Board of Directors, is still in progress. National Council for the Protection of Personal Data and Privacy (CNPDP), is yet to be realized.
From the point of view of the bureau sector, the ANPD, in addition to maintaining the balance between the protection of personal data subjects and economic and social development, has a fundamental role defined by the LGPD, which contains various provisions that require regulation or guidance from the competent Authority.
At the same time, the implementation and standardization of the LGPD in the country must take place in an orchestrated manner, under the coordination of the ANPD, and as a result of an extensive process of public consultations and regulatory and economic impact analyses, avoiding monocratic and one-off decisions.
The organized private sector suggests the regulatory debate and offers to collaborate in drawing up guidelines, regulatory guidelines and educational work. Dialogue with the government and other organized sectors is and will continue to be a priority for the private sector in the search for the best results for society by sharing best practices.
Thanks for reading! Access other content at ANBC website.
By: Elias Sfeir President of ANBC & Member of the Climate Council of the City of São Paulo & Certified Advisor
