Newsletter
30 de October de 2023
ANVISA’s Personal Data Protection Policy is released
On October 19, 2023, the Federal Official Gazette (DOU) published Administrative Order 1,184/2023, which provides for the National Health Surveillance Agency’s (Anvisa) conformity with the Personal Data Protection Policy and, consequently, the compliance of its internal processes with the General Personal Data Protection Law – Law 13.709/2018 (LGPD).
Anvisa’s aim is to implement internal guidelines for the protection of personal data. It also aims to comply with legislation when carrying out its activities, safeguarding privacy through rules and guidelines; which on one side preserve transparency and access to public information, and on the other side aim to protect the freedoms and rights of individuals. In this way, the Policy is targeted at the processing of personal data, safeguarded by the Agency, which will be done through its civil servants, employees, contractors, trainees, suppliers, service providers, or anyone involved in the Agency’s processes.
In this sense, the Policy determines that Anvisa’s personal data processing activities should be configured within parameters and principles, observing good faith:
Free Access: guarantee data subjects information for free, with easy consultation, about how their data will be processed and for how long, in accordance with Art. 6, IV of the LGPD;
Security: use technical and administrative measures with the aim of guaranteeing the protection of personal data from unauthorized access; and from adverse or illicit situations in the attempt to destroy, lose, alter, communicate, or disseminate the personal data of a data subject, according to Art. 6, VII of the LGPD;
Prevention: adopting preventive measures, in order to prevent possible incidents of damage as a result of the processing of personal data, in accordance with Art. 6, VIII of the LGPD; and
Responsibility and Accountability: demonstrate and prove that it has adopted efficient and appropriate measures for observing and complying with the rules on the protection of personal data, as provided for in Art. 6, X of the LGPD.
Some of the areas of ANVISA’s activities that require data processing include: product registration and renewals at ANVISA; applications for certificates and authorizations; complaints and notifications of adverse situations; applications for health inspections and inspections; and requests made to ANVISA by the public.
The publication of ANVISA’s Personal Data Protection Policy is in harmony with the objectives proposed in the Agency’s 2020-2023 Strategic Plan, which establishes the goal of improving regulatory quality in health surveillance, strengthening technical excellence in management and regulation and modernizing data processing systems.
For more content related to this matter, don’t hesitate to contact us at regulatorio@kasznarleonardos.com and digital@kasznarleonardos.com.
Last related news
1 de July de 2026
INPI Ordinance No. 80/2026 and Second Medical Use Patents
INPI Ordinance No. 80/2026, published on June 30, 2026, in the Official Gazette No. 2895, revised Chapter 9 of the Guidelines for Examination … INPI Ordinance No. 80/2026 and Second Medical Use Patents
1 de July de 2026
Joint Judiciary Ordinance Creates Permanent Industrial Property Committee and Strengthens Cooperation Between State and Federal Courts
Joint FOJURJ Ordinance No. 4/2026 was recently published, creating the Permanent Industrial Property Committee within the Judiciary Forum of the State of … Joint Judiciary Ordinance Creates Permanent Industrial Property Committee and Strengthens Cooperation Between State and Federal Courts
30 de June de 2026
New Cycle for Fast-track Examination Requests, Including PPH, Opens in Brazil for Telecommunication Cases
By means of Ordinance 05/2026, published on June 30, 2026, the BPTO has announced that a new cycle for fast-track examination routes, … New Cycle for Fast-track Examination Requests, Including PPH, Opens in Brazil for Telecommunication Cases