By Giovanna Verginelli Mezher
October 30, 2023
ANVISA’s Personal Data Protection Policy is released
On October 19, 2023, the Federal Official Gazette (DOU) published Administrative Order 1,184/2023, which provides for the National Health Surveillance Agency’s (Anvisa) conformity with the Personal Data Protection Policy and, consequently, the compliance of its internal processes with the General Personal Data Protection Law – Law 13.709/2018 (LGPD).
Anvisa’s aim is to implement internal guidelines for the protection of personal data. It also aims to comply with legislation when carrying out its activities, safeguarding privacy through rules and guidelines; which on one side preserve transparency and access to public information, and on the other side aim to protect the freedoms and rights of individuals. In this way, the Policy is targeted at the processing of personal data, safeguarded by the Agency, which will be done through its civil servants, employees, contractors, trainees, suppliers, service providers, or anyone involved in the Agency’s processes.
In this sense, the Policy determines that Anvisa’s personal data processing activities should be configured within parameters and principles, observing good faith:
Free Access: guarantee data subjects information for free, with easy consultation, about how their data will be processed and for how long, in accordance with Art. 6, IV of the LGPD;
Security: use technical and administrative measures with the aim of guaranteeing the protection of personal data from unauthorized access; and from adverse or illicit situations in the attempt to destroy, lose, alter, communicate, or disseminate the personal data of a data subject, according to Art. 6, VII of the LGPD;
Prevention: adopting preventive measures, in order to prevent possible incidents of damage as a result of the processing of personal data, in accordance with Art. 6, VIII of the LGPD; and
Responsibility and Accountability: demonstrate and prove that it has adopted efficient and appropriate measures for observing and complying with the rules on the protection of personal data, as provided for in Art. 6, X of the LGPD.
Some of the areas of ANVISA’s activities that require data processing include: product registration and renewals at ANVISA; applications for certificates and authorizations; complaints and notifications of adverse situations; applications for health inspections and inspections; and requests made to ANVISA by the public.
The publication of ANVISA’s Personal Data Protection Policy is in harmony with the objectives proposed in the Agency’s 2020-2023 Strategic Plan, which establishes the goal of improving regulatory quality in health surveillance, strengthening technical excellence in management and regulation and modernizing data processing systems.
For more content related to this matter, don’t hesitate to contact us at regulatorio@kasznarleonardos.com and digital@kasznarleonardos.com.
Last by Giovanna Verginelli Mezher
December 27, 2024
Bioinputs Law: A new regulatory framework for sustainable agriculture in Brazil
On December 24, 2024, Law No. 15,070 of December 23, 2024 (“Bioinputs Law”), which regulates the production, use, and commercialization of bioinputs … Bioinputs Law: A new regulatory framework for sustainable agriculture in Brazil
September 9, 2024
Brazil Implements a New Regulatory Framework for Food Products
The newly implemented regulatory framework governing food safety and quality in Brazil took effect on September 1st, 2024. The Collegiate Board Resolutions … Brazil Implements a New Regulatory Framework for Food Products
July 2, 2024
Life Sciences’ Brazil Global Guide 2024 is now available
We are pleased to announce our collaboration on the Chambers and Partners Life Sciences 2024 Global Practice Guide! Our partners Priscila Kashiwabara … Life Sciences’ Brazil Global Guide 2024 is now available