top of page

Data governance in compliance with the LGPD - IBM Information Governance Catalog

By Max Rabello - Master Data Integration Specialist

Complex issues are usually divided into parts to create a scenario for better understanding, planning and execution of actions. When the subject is LGPD, we can divide a compliance program into 2 major layers: the process layer and the data layer. The business process layers define how organizations perform their routines, what types of personal data handling they contemplate, and what legal bases legitimize these operations. In addition to existing business processes, it is mandatory to define and implement new processes that define the operationalization and management of the compliance program or how the company will respond to requests from data subjects, for example.

The data layer is usually composed of several information systems that store information in structured and unstructured formats, forming a complex collection of data that needs to be very well managed to avoid risk of exposure to possible violations of this regulation.

A data governance program provides a continuous management process, adopting a methodology oriented to the complete inventory.  To support this program and provide automation, we adopt Data Governance platforms that register all existing data elements, bringing together a large catalog of information that encompasses the entire corporate data estate. Information control policies and classification rules come into play, giving each of these data assets the correct business context.

With this approach, the IBM Information Governance Catalog (IGC) platform enables users to explore, analyze and understand information. The use of a single vocabulary allows the business areas to understand the data assets involved in each business process and to establish, in a systemic way, a mechanism to measure the quality of this information. With the knowledge of the structures and quality of the registered data (metadata), the IGC automatically creates the data lineage, providing a simple way to visualize the data life cycle and the components involved in the information architecture.

This solution allows collaborative interaction among users, fostering the evolutionary aspect and encouraging the contribution and use of all those involved in the improvement of this glossary. The monitoring of data rules and information control policies generates metrics that allow the governance team to manage the data environment based on indicators and eventually refine its policies and promoting greater involvement of those responsible for the effective management of data.

Additionally, the IGC helps companies in fully understanding the available data and in tracking the changes promoted in these data structures, always keeping an updated and accurate view of the information assets it has. Furthermore, IGC brings the business areas and technical teams closer together by promoting a common vision environment, providing speed and security to the corporate initiatives and responses required by the organization. In a simple and intuitive way, this solution meets diverse user profiles, promoting greater integration between people and technologies while helping to deliver reliable, high-quality information.

In conclusion, LGPD compliance demands complete control of existing data assets and their business context. The data governance program is a key point for the success of the companies' compliance program in this regulation. Using the IBM Information Governance Catalog accelerates the process of data discovery and glossary building, establishing an efficient management mechanism that will provide greater confidence to users, supporting design decisions to optimize control of data storage and use to support the LGPD Compliance Program.

Learn more about the IBM Information Governance Catalog at:

bottom of page