Adequacy of MOSE® Competence for the Implementation of Chapter VII of the LGPD: A Mapping of Security and Good Practices Assets

Author(s):  
Maykon Araújo de Souza ◽  
Sandro Ronaldo Bezerra Oliveira

This study presents a mapping of the assets present in the Guiding Model for the Success of Public and Private Companies (MOSE) and the articles included in the General Data Protection Law (LGPD) of the Brazilian Government, with regard to Security and Good Practices in Chapter VII of this law. The theme becomes relevant, as more and more companies from different contexts need to implement the articles contained in this law in order to adhere to the standard of regulation of personal data processing activities defined by the Brazilian Federal Government. However, this law still needs guidelines for its proper implementation based on the adoption of good practices in models, methods and/or techniques available in the specialized literature. One of these instruments refers to the MOSE, which helps public and private companies to achieve levels of excellence in performance, governance and quality, in the production of goods and services, based on the use of practices and indicators specific to the area of knowledge or specialty. Thus, the research question guiding this work is: how to correspond/map the practices included in the MOSE to guide the implementation of the articles of the LGPD law? The methodology adopted was the asset mapping, described in a specific section of the paper, which included the following steps: definition of the LGPD chapter that focuses on data security management; definition of the model and law structures, and their inputs to be analyzed; identification of the description of each asset; analysis of correspondence between assets; evaluation of the mapping using the peer review technique with expert in the two target standards of this research. The result was the perception that 33% of the MOSE’s competences goals, with the appropriate adjustments, have total adherence with 100% of the security and good practices assets of LGPD.
This mapping is intended to provide assistance in defining a roadmap containing activities, work products, tools, indicators and expected results to achieve the goals defined in the LGPD.

Information ◽  
2021 ◽  
Vol 12 (4) ◽  
pp. 168
Author(s):  
Sâmmara Éllen Renner Ferrão ◽  
Artur Potiguara Carvalho ◽  
Edna Dias Canedo ◽  
Alana Paula Barbosa Mota ◽  
Pedro Henrique Teixeira Costa ◽  
...  

In order to guarantee the privacy of users’ data, the Brazilian government created the Brazilian General Data Protection Law (LGPD). This article made a diagnostic of Brazilian organizations in relation to their suitability for LGPD, based on the perception of Information Technology (IT) practitioners who work in these organizations. We used a survey with 41 questions to diagnose different Brazilian organizations, both public and private. The diagnostic questionnaire was answered by 105 IT practitioners. The results show that 27% of organizations process personal data of public access based on good faith and LGPD principles. In addition, our findings also revealed that 16.3% of organizations have not established a procedure or methodology to verify that the LGPD principles are being respected during the development of services that will handle personal data from the product or service design phase to its execution and 20% of the organizations did not establish a communication process to the personal data holders, regarding the possible data breaches. The result of the diagnostic allows organizations and data users to have an overview of how the treatment of personal data of their customers is being treated and which points of attention are in relation to the principles of LGPD.


2019 ◽  
Vol 13 (1) ◽  
pp. 25-30
Author(s):  
RAMONA-MIHAELA URZICEANU ◽  
VALENTINA-SIMONA PAŞCALĂU

The General Data Protection Regulation (GDPR) is a European law which grants rights regarding an individual’s personal data. Having been adopted in April 2016, its enforcement became effective as of 25th May 2018. This article aims to highlight who should do this, what exactly they should do and how to do it. Learn about the scope of GDPR in digital marketing, the definition of a personal data breach, the rights of data subjects, incident response under GDPR and more.


2015 ◽  
Vol 5 (2) ◽  
pp. 282 ◽  
Author(s):  
Samia Magbool

Corporate Social Responsibility (CSR) implies evaluation and taking the responsibility for the organization’s impact on the larger environment and eventually the social welfare aspects. It refers to the promotion of positive social and environmental change. Organizations are crucial players in the community as well as the national economic development because they control huge assets and can invest for socially conscious investments and programs. Moreover, though customers may buy goods and services but ultimately today the level of competition depends on a number of factors like the corporation’s social programs. A company’s public image is created mostly due to the CSR activities and how well-aware customers are of them. Employees like working for a company that has a good public image and is constantly in the media for positive reasons. This paper discusses the CSR activities of some select Saudi public and private companies and analyses the implications as well as some of the positive suggestions and criticisms in the context of the kingdom.


2021 ◽  
Vol 17 (1) ◽  
Author(s):  
Paul Quinn

Scientific research is indispensable inter alia in order to treat harmful diseases, address societal challenges and foster economic innovation. Such research is not the domain of a single type of organization but can be conducted by a range of different entities in both the public and private sectors. Given that the use of personal data may be indispensable for many forms of research, the data protection framework will play an important role in determining not only what types of research may occur but also which types of actors may carry it out. This article looks at the role the EU’s General Data Regulation plays in determining which types of actors can conduct research with personal data. In doing so it focuses on the various legal bases that are available and attempts to discern whether the GDPR can be said to favour research in either the public or private domains. As this article explains, the picture is nuanced, with either type of research actor enjoying advantages and disadvantages in specific contexts.


Author(s):  
Brunella Raco ◽  
Antonella Buccianti ◽  
Manuela Corongiu ◽  
Guido Lavorini ◽  
Patrizia Macera ◽  
...  

In this study the new Regional Geochemical Database (RGDB), called GEOBASI, is presented and illustrated in the framework of a joint collaboration among the three Tuscan universities (Florence, Pisa and Siena), CNR-IGG (Institute of Geosciences and Earth Resources of Pisa), ARPAT (Regional Agency for the Environmental Protection), LAMMA (Environmental Modelling and Monitoring Laboratory for Sustainable Development) Consortium and S.I.R.A. (Territorial and Environmental Informative System of Tuscany). The database has permitted the construction of a repository where the geochemical information (compositional and isotopic) has been stored in a structured way so that it can be available for different groups of users (e.g. institutional, public and private companies). The information contained in the database can in fact be downloaded freely and queried to correlate geochemistry to other non compositional variables. The first phase of the project was aimed at promoting the use of the geochemical data already available from previous investigations through a powerful Web-GIS interface to implement the exploratory statistics graphical-numerical tools used to: 1) analyse the spatial variability of the investigated context, 2) highlight the geographic location of data pertaining to classes of values or single cases, 3) compare the results of different analytical methodologies applied to the determination of the same element and/or chemical species, 4) extract the geochemical data related to specific monitoring plans and/or geographical areas, and finally 5) recover information about data below the detection limit to understand their impact on the behaviour of the investigated variable. Developments of this project will be focused on the definition of rules and standardized methods in a way that external users could also interactively pursue the RGDB. 
Furthermore, a detailed investigation of the Scarlino-Follonica plain will permit the improvement and test of statistical and geostatistical methods, using open source software (QGIS and R) to support the process of evaluation of the geochemical baseline.


Author(s):  
Y. V. Smirnova

The article offers analysis of the approaches in Russian and European legal doctrine to the definition of “biometric data”, as well as the evolution of the legal definition formation of biometric data in the legislative acts of the EU. The article analyzes the role of biometric data in the personal data system, their characteristics, and the determination of a list of key features that allow an individual's data to be classified as biometric data. Special attention is paid to the list of characteristics that fall under the category of biometric data in accordance with existing scientific approaches on personal data, as well as the provisions of the General Data Protection Regulation. The article highlights the main problems of interpretation of the category of biometric data in legal sources, and also suggests the author's legal definition of biometric data that meets, in the author's opinion, the main criteria that characterize specific data of an individual as biometric.


1976 ◽  
Vol 15 (02) ◽  
pp. 69-74
Author(s):  
M. Goldberg ◽  
B. Doyon

This paper describes a general data base management package, devoted to medical applications. SARI is a user-oriented system, able to take into account applications very different by their nature, structure, size, operating procedures and general objectives, without any specific programming. It can be used in conversational mode by users with no previous knowledge of computers, such as physicians or medical clerks. As medical data are often personal data, the privacy problem is emphasized and a satisfactory solution implemented in SARI. The basic principles of the data base and program organization are described; specific efforts have been made in order to increase compactness and to make maintenance easy. Several medical applications are now operational with SARI. The next steps will mainly consist in the implementation of highly sophisticated functions.


Resonance ◽  
2020 ◽  
Vol 1 (3) ◽  
pp. 298-327
Author(s):  
Shuhei Hosokawa

Drawing on Karin Bijsterveld’s triple definition of noise as ownership, political responsibility, and causal responsibility, this article traces how modern Japan problematized noise, and how noise represented both the aspirational discourse of Western civilization and the experiential nuisance accompanying rapid changes in living conditions in 1920s Japan. Primarily based on newspaper archives, the analysis will approach the problematic of noise as it was manifested in different ways in the public and private realms. In the public realm, the mid-1920s marked a turning point due to the reconstruction work after the Great Kantô Earthquake (1923) and the spread of the use of radios, phonographs, and loudspeakers. Within a few years, public opinion against noise had been formed by a coalition of journalists, police, the judiciary, engineers, academics, and municipal officials. This section will also address the legal regulation of noise and its failure; because public opinion was “owned” by middle-class (sub)urbanites, factory noises in downtown areas were hardly included in noise abatement discourse. Around 1930, the sounds of radios became a social problem, but the police and the courts hesitated to intervene in a “private” conflict, partly because they valued radio as a tool for encouraging nationalist mobilization and transmitting announcements from above. In sum, this article investigates the diverse contexts in which noise was perceived and interpreted as such, as noise became an integral part of modern life in early 20th-century Japan.


Author(s):  
Raphaël Gellert

The main goal of this book is to provide an understanding of what is commonly referred to as “the risk-based approach to data protection”. An expression that came to the fore during the overhaul process of the EU’s General Data Protection Regulation (GDPR)—even though it can also be found in other statutes under different acceptations. At its core it consists in endowing the regulated organisation that process personal data with increased responsibility for complying with data protection mandates. Such increased compliance duties are performed through risk management tools. It addresses this topic from various perspectives. In framing the risk-based approach as the latest model of a series of regulation models, the book provides an analysis of data protection law from the perspective of regulation theory as well as risk and risk management literatures, and their mutual interlinkages. Further, it provides an overview of the policy developments that led to the adoption of such an approach, which it discusses in the light of regulation theory. It also includes various discussions pertaining to the risk-based approach’s scope and meaning, to the way it has been uptaken in statutes including key provisions such as accountability and data protection impact assessments, or to its potential and limitations. Finally, it analyses how the risk-based approach can be implemented in practice by providing technical analyses of various data protection risk management methodologies.


Author(s):  
Kelley Lee ◽  
Julia Smith

The influence of for-profit businesses in collective action across countries to protect and promote population health dates from the first International Sanitary Conferences of the nineteenth century. The restructuring of the world economy since the late twentieth century and the growth of large transnational corporations have led the business sector to become a key feature of global health politics. The business sector has subsequently moved from being a commercial producer of health-related goods and services, contractor, and charitable donor, to being a major shaper of, and even participant in, global health policymaking bodies. This chapter discusses three sites where this has occurred: collective action to regulate health-harming industries, activities to provide for public interest needs, and participation in decision-making within global health institutions. These changing forms of engagement by the business sector have elicited scholarly and policy debate regarding the appropriate relationship between public and private interests in global health.

