Cleaning in Três Passos Cemetery to Prevent Aedes Aegypti Spread
Summary of Key Data Protection Roles & Responsibilities (Based on Provided Text)
This document outlines a data protection framework for a broadcaster, likely in preparation for LGPD (Lei Geral de Proteção de Dados – Brazilian General Data Protection Law) compliance. Here’s a breakdown of the key roles and their responsibilities:
1. General Principles:
* Limited Data Collection: The broadcaster does not proactively collect personal data of children or adolescents and doesn’t directly engage in activities related to them. This is a crucial statement and requires ongoing monitoring.
* Data Users: Data access is restricted to members of the broadcaster, service providers, and authorized individuals/organizations performing professional activities.
* Data Retention: Data is deleted when its purpose is fulfilled or upon request, unless legal requirements dictate otherwise.
2.Personal Data Protection Management Committee (CGPD):
* Existence: The broadcaster has established a CGPD.(Note: the document allows for deletion of this section if the broadcaster chooses not to create a CGPD).
* Composition:
* 2 Directors
* 1 Privacy & Data Protection manager
* 1 Security/IT Manager or Consultant
* 1 HR Manager
* Data Protection Officer (DPO)
* Responsibilities:
* Approve and update the Data Protection Policy.
* Approve privacy guidelines developed by the Details Security team.
* Secure necessary resources for data protection.
* Ensure data processing complies with the Policy and LGPD.
* Promote data protection awareness and culture within the organization.
3. Person in Charge of Processing Personal Data:
* Responsibilities:
* Support the CGPD.
* Enforce the Data protection Policy.
* Identify and mitigate data protection threats.
* Handle complaints from data subjects (individuals whose data is processed).
* Respond to communications from the National Data Protection Authority (ANPD).
* Provide guidance to broadcaster members and partners on data protection practices.
* Comply with guidance from the ANPD.
* Manage data breaches, including notification to the ANPD and affected individuals when necessary.
4. Information Security and Information Technology Team:
* Responsibilities:
* Implement security controls (technical and administrative) based on the Information Security Policy, guidelines, and the Data Protection Policy.
* protect personal data from unauthorized access, destruction, loss, alteration, or illicit treatment, adhering to ANPD standards.
* Manage information security incidents involving personal data - detection, containment, elimination, and recovery.
In essence, this framework establishes a multi-layered approach to data protection, with clear roles and responsibilities for oversight, implementation, and response. The CGPD provides strategic direction,the Person in Charge handles day-to-day operations and compliance,and the IT/Security team focuses on technical safeguards.