dc.description.abstract | This article aims to discuss about the relationship between Compliance and the
General Data Protection Law (LGPD) in the health care area. For the development of
this text, the general aspects of the LGPD and its guiding principles will be analyzed,
discussing the effects and main provisions of the referred law. In addition, the
economic and business impacts of the LGPD will be addressed, correlating them with
the Compliance system. Initially, the concept of personal data and treatment will be
presented in the light of the General Law for the Protection of Personal Data, with an
overview of the aforementioned regulation. Next, privacy and data protection applied
to the health area will be addressed, with structural analyses, followed by the inclusion
of data protection in compliance and corporate governance systems.Concrete
measures will be suggested for the implementation of such policies in the health care
area, with the assessment of risk in the health care sector and the application of data
protection. At the conclusion, we seek to present an answer to the following question:
how to adapt a company or office in the health care area to the LGPD standards in
accordance with Compliance? Finally, mechanisms for implementing the LGPD on this
sector are pointed out, through which health companies will manage to consolidate a
more responsible system in regard to personal data sharing. It is concluded that it is
mandatory to adopt general conducts within organizations that can generate concrete
effects in order to safely protect personal data in the health care area. Also, to
strengthen the implementation of the General Data Protection Law, simultaneous data
compliance work is suggested, which should take place in a multidisciplinary,
preventive manner and with daily checklist procedures. Thus, there is a need for data
protection to be part of the corporate culture, and its importance must be understood
by all segments. However, it is not possible to speak of a single Compliance program
model, as its effectiveness depends on observing the specificities of each organization
and the constant review of the risks involved in the business. The challenge for
companies is precisely to build a tailored model, suited to their specificities and without
neglecting the guidelines of the law. The new Brazilian scenario is aimed at companies
with safer, more ethical and transparent cultures | en |