The LGPD enter into force in 2020 and will affect the entire market enough. You know what it is and how it will affect the companies in the construction sector? We explain!
Data Security area, recent years have been revolutionary. Even positioned at the top of their markets, companies engaged in the forefront of technology in various sectors, suffered attacks and robberies in their database. Do you remember any?
Just to mention a few names: Uber, Facebook, Yahoo, Inter Bank, Netshoes.
personal data, sensitive and confidential information of individuals and companies involved with these companies They leaked on the internet or have been used illicitly by hackers. In many cases, even there was a request for a value for the redemption of such data.
These events sparked a light attention on regulatory agencies worldwide, which were not slow to take the first action restraint. First, it was in Europe, with GDPR (General Data Protection Regulation). Shortly thereafter, in Brazil, with LGPD (General Data Protection Act).
But after all, what is this new law data? Because she is so important for you and your business the construction sector, real estate or public works? it really It will affect your day to day and the way in which you and your employees handle data?
These are questions we answer below. Follow:
What is LGPD?
To recap a bit:
It was also in May 2018 that the European Union became law GDPR (General Data Protection Regulation). This law applies to all European citizens and basically parameterize key issues concerning the use of your data by companies.
In Brazil, it did not take long for the government to act. Only three months after the approval of GDPR in Europe, its Brazilian version was also sanctioned.
The result of two years of work of the Special Commission of Protection of Personal Data Treatment, the LGDP (General Data Protection Act) brings at its core the same principles of the recent European law.
That is, regulates the processing and use of personal data by companies, whether public or private. The main objective, as you might imagine, is that people are protected against any leaks or illegal and improper use of your data.
And it is precisely here that the spectrum of this law becomes so comprehensive. If your company handles personal information from customers, suppliers and employees, it will need to fit this law.
These days, what business, especially working in the construction sector, does not use data? Probably one iota. For those applying the BIM methodology, for example, data and information are essential for the design efficiency. Or real estate and developers, which store and deal with sensitive financial data of its customers.
Currently companies can rely on a technology solution focused on collaboration and process management for the construction sector, such as the Collaborative.
Still, maybe this stage, you still believe that the new law will not apply to the work processes of your company. After all, it does not deal with such data, the maximum email, CNPJ and some contract values staying in your system.
But yes, the law applies.
The data that LGPD seeks to protect are those that address an identified or identifiable person, either anonymised (Related to person without identifying it) sensitive (Ethnic origin, religion, genetic, etc.), or arranged in a database (Structured and centralized or distributed elsewhere).
Remember that the LGPD is also applied to foreign companies that deal with data in Brazil. To continue working smoothly, they have to prove in the contract that have a level of safety similar to that required by Brazilian law.
As LGPD affects the daily lives of your company?
Before going into details, it is important to emphasize the worst end of the violation of the guidelines of LGPD. In addition to the warnings, the company may receive a fine equivalent to 2% of their latest annual turnover or a maximum of R $ 50 million.
Therefore, companies involved in the construction segment will need to be very attentive to the treatment of personal data from now on. Recalling that not only speak of customersBut also Providers e contributors.
Today, the routine that involves a building, a project, their supervision, their administrative and practical guidelines, is full of information exchange.
E-mails, registration forms, bills of materials, contracts, digital signatures, passwords, values and much more.
Some management software also brings the possibility of creating a diary of a work in progress, accumulating information in an organized manner. They are data that bring values, names e other major assets for internal control. And if they are corrupted or used illicitly, what are the consequences for the continuity of this and future projects?
So for businesses and professionals building areaThe need Double attention to manipulate data in general. That is, from conception of the project until its closure.
One of the main points is that for employees who go to the field and for those who are in office, or use of devices (Laptops, cell phones and even access to sites on the Internet) You need to be more prudent. One wrong click and it may be carrying a virus to your digital environment or opening the door for a hacker.
Your company messes with sensitive information of individuals, such as real estate and developers do? It is recommended in addition to the attention mentioned above, a zeal in the storage of such data.
Avoid using untrusted environments and programs and not monitored. If you are not sure that computers, the program used or the entire environment is protected, it may be time to review safety guidelines of your company and begin to adapt it as soon as possible.
Want to learn what concrete actions you can take now to into conformity with the LGPD and protect the data processed for its construction company? Read our last topic:
What actions to take to tailor your business to LGPD?
First of all, consent. Maybe he's one of the pillars of the new law data: it is necessary to seek the consent of the holder of a given power to capture it and use it. Also, it may have the option to revoke this permission at any time.
That is: your company have a form for people to respond, either through a website or platform? A newsletter subscription, a service contract ... Anything like that? Make sure you have the consent of her and explain why the collection and how this data will be used.
Now you need to look at your IT infrastructure.
If you still have no answers to these questions, we recommend that you seek the assistance of a company specializing in information security. They can help your team to design a strategic plan to act upon the weaknesses of your digital environment and shield the data that you use!
Want to meet a collaboration tool and process management that is already prepared for the LGPD? Click here to see the Collaborative!