By: Leonardo Neri
According to the National Data Protection Institute's LinkedIn page, the ordinance regarding the general policy and regulation of data protection was published, the main purpose of which is to disclose the formal rules for processing personal data, in accordance with current legislation.
Ordinance MJSP No. 561 was made available on December 31, 2021 and published in early 2022, establishing the General Data Protection Policy, along the lines of the Ministry of Justice and Public Security, coming into force on January 10. This document has 20 pages and is divided into 5 chapters. Let's see:
Chapter 1 deals with general provisions, defining what personal data is and how it should be addressed. In other words, it explains the purpose of creating the Ordinance in question.
Chapter 2, divided into 3 sections, addresses Privacy and Data Protection itself. The first section focuses on the principles that guide this guideline should be taken into account, such as cooperation between units, supervision and risk mitigation, adoption of good practice rules and establishment of a relationship of trust with the holder and with potential recipients of the processed data. Section II addresses the purpose and object. And finally, in this chapter, the last section addresses transparency, requiring that the MJSP and agencies that have Sectoral Officers must publish on their respective portals the processing of personal data.
Chapter 3, also divided into sections, addresses the ownership of these data, focusing on the group of rights of the data subject, which encompasses any and all natural persons who are guaranteed by law ownership of their personal data, guaranteeing the fundamental rights of freedom, intimacy and privacy. Thus, the following section deals with the requests, requiring the presentation of elements capable of identifying the interested party or their representative, through the presentation of documents.
The penultimate chapter deals with the data protection network, which is made up of the bodies that make up the Ministry's organizational structure, which are: National Secretariat of Justice, National Secretariat for Consumer Affairs, National Secretariat for Drug Policies and Asset Management, National Secretariat for Public Security, Secretariat for Integrated Operations, Secretariat for Management and Education in Public Security.
It is important to highlight the sectors of the agencies covered: Federal Police, Federal Highway Police, National Penitentiary Department and National Archives.
Following the aforementioned responsible bodies, section 2 addresses the focal points, such as the role of managers, the obligation to ensure the proper application of the law, etc.
The penultimate section of this topic is about personal data processing agents, who must adopt technical and administrative security measures to protect personal data from unauthorized access and accidental or unlawful destruction, loss, alteration, communication or any other improper form.
Finally, the data protection network brings in its last section the means of administrative sanctions, which are subject to the acts of article 52 of the LGPD.
Furthermore, the last chapter of this documentation seeks to bring the final provisions, claiming that the Data Governance and Information Systems Committee supports the development contained in this ordinance.
https://www.in.gov.br/en/web/dou/-/portaria-mjsp-n-561-de-31-de-dezembro-de-2021-371605655