Important
This feature is available from release 12.1.33 onwards.
The Law No. 13,709 - General Data Protection Law of Brazil, from August 14th, 2018, will come into force in August 2020, establishing rules on the collection, storage, treatment and sharing of personal data, imposing more protection and penalties for non-compliance.
For the purposes of this law, we consider:
I - Personal data: information related to a natural person identified or identifiable;
II - Sensitive personal data: personal data about the racial or ethnic origin, religious belief, political opinion, union affiliation or religious, philosophical or political organization, data related to health or sexual life, genetic or biometric data, when linked to natural person;
III - Anonymized data: data related to holder, who cannot be identified, considering the usage of reasonable technical data available at the moment of its treatment;
In order to adapt Protheus® system à General Data Protection Law (Law n° 13.70), , we needed to adapt the presentation of routine data, in order to carry out the treatment of sensitive and / or personal data, using the Access Control’ and Audit Log.
Define if the user or a group of users has the permission to access/view the sensitive personal data available in the screen of the routines and/or reports when applicable.
The System Admin is the responsible party establishing whether the information control rules will be applicable to a single user or a group of users. The configuration of the access to sensitive and personal data for users and/or user groups is available in module Configurator (SIGACFG) through accesses 192 and 193 (Accesses x Routine Relationship).
For further details on the Security Policy, click here.
Use this feature to audit updates to the Data Dictionary, to the Users Register, and to access authentications to routines with sensitive and/or personal fields, as well as the possible access rejections to such data.
For further details, refer to the Audit Rules chapter in the Security Policy.
Protheus® System makes some routines available for the generation of the Audit Logs. You can get the procedures to configure and generate these reports through Log and Audit Routine.
When the profile of the user has LGPD restrictions, the Dashboard Analysis obfuscates the data, as shown below: