Páginas filhas
  • Control of Protected Data - Fixed Assets - P12

Versões comparadas

Chave

  • Esta linha foi adicionada.
  • Esta linha foi removida.
  • A formatação mudou.


Law No. 13.709 - General Personal Data Protection Law of Brazil, of August 14, 2018, will enter into force in August 2020, establishes rules on the collection, storage, processing and sharing of personal data, imposing more protection and penalties for non-compliance.

For the purposes of this Law, we must consider: 

     I - Personal data: information related to an identified or identifiable natural person; 

    II - Sensitive personal data: personal data on racial or ethnic origin, religious conviction, political opinion, affiliation to a union or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person; 

    III - Anonymized data: data relating to a holder that cannot be identified, considering the use of reasonable technical means available at the time of their treatment.


In order to adapt the Protheus® System to the General Personal Data Protection Law (Statute No. 13.70), it was necessary to adapt the presentation of routine data, in order to carry out the processing of sensitive and/or personal data, using the processes of  Access Control and  Audit Log.


Expandir
titleControl of Access

Defines whether the user or a group of users has permission to access/view sensitive and/or personal data available on the routines and/or report screens, when applicable.

The  System Administrator  is responsible for establishing whether the information control rules will apply to a single user or a group of users. The configuration of this access of users and/or group of users to sensitive and personal data is available in the Configurator module (SIGACFG) through accesses 192 and 193 (Relationship of Accesses x Routine).

For more details on the Security Policy,  click here.

Expandir
titleAudit Log

It allows to audit the updates of the Data Dictionary and the User Registration, the access authentications to the routines that have sensitive and/or personal fields, as well as the possible rejections of access to such data.

For further details, refer to the chapter  Audit Rules  in the  Security Policy.

 Protheus® System  makes some routines available for the generation of the  Audit Logs. The procedures for the configuration and generation of these reports are obtained through the  Routines of Audit Logs.




ATFA003 - Jurisdiction of Approval per Process

ATFA004 - Approval Transaction



Not applicable.



For further information about the    Statute n° 13.709click here 

Guidelines to understand the General Personal Data Protection Law.

Personal Data Anonymization and Obfuscation - Controllership Modules