Digital Policy Alert logo

Brazil: Published ANDP Guidelines on Personal Data Protection Impact Report

Policy overview

Description

Published ANDP Guidelines on Personal Data Protection Impact Report

On 6 April 2023, the Brazilian National Data Protection Authority (ANDP) published Guidelines and a list of questions and answers regarding the “Personal Data Protection Impact Report” (RIPD) required by the General Law for the Protection of Personal Data (LGPD). The questions and answers aim to guide users on the presentation and submission of the RIPD. Notably, the guide sets out when data controllers should prepare the RIPD, the criteria and methodologies to use for risk management, the minimum requirements that the RIPD must contain, and the data and information that should be included in the RIPD, among others.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2023-04-06
adopted

On 6 April 2023, the Brazilian National Data Protection Authority (ANDP) published Guidelines and a…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.