top of page

The solution proposed by MD2 is based on the creation of a data governance program aimed at this new legislation, which is anchored in the single vision of people pillar. The logical and physical data model of the LGPD HUB or central repository of unified people data is prepared to meet all the framework controls required by the Law.

The data are born in the organization's transactional systems and are incorporated by the routines of collection and qualification of this data (LGPD engine), routines of legal framework of the data (based on contracts, consent and other legal hypotheses) supported by rules formalized together with the team from the company.

Through the mechanisms proposed by the parameterization interfaces of our solution and based on the purposes of the company that will be listed and documented at project time and principles established by the new Law so that the data are classified and monitored so that the treatments are legally supported. In the worst case, these data must be deleted or anonymized. The diagram below macro shows the architecture of the MD2 proposal:

The use of the components of the IBM Information Server® suite becomes extremely relevant due to its ability to integrate different data types and platforms, in addition to the components of data adequacy, quality treatment, use of dynamic parameterization and use of a high-quality reference base. performance. Additionally, essential components for data dictionary records (metadata), business term records and data processing routines are covered in the IBM Information Governance Catalog (IBM IGC) component. Some important points:

Personal Data Sources
The LGPD SUITE solution must encompass all systems that store personal data. Its technological peculiarities are met by the broad connectivity supported by the IBM InfoSphere platform. Virtually all systems can be mapped and their data controlled. The synchronization mechanisms meet different scenarios, which have different latency requirements in the availability of information, from the traditional schemes of building ETL processes in Batch mode for daily monitoring of these records stored in relational databases, to modern integration strategies based on replication services with demand for online integration.

Collection and Integration (MD2 Data Model, IBM Information Server® components)
Once the information is captured, the data quality treadmill is responsible for reviewing and validating this data, managing the entire process of crossing these records with external reference sources to ensure reliability. Confirmation of ownership is one of the examples of this type of treatment, which is essential for the solution to guarantee the correct association of data.

Qualification and Unification (Data Model, IBM Information Server® components)
The identity resolution mechanism plays a crucial role regarding the unification of these records into a single corporate copy of this holder, creating a foundation that represents the unique vision of the truth.  This component is essential because it is from the unified registry that the controls for framing use in legal hypotheses will be activated and will assign tags so that they can be referenced by the origin systems, anonymized, and naturally used in a reasoned and governed manner.

HUB LGPD SUITE (Unified Owners Base)
The HUB LGPD SUITE stores the data of the mapped holders. That is, it is not limited to customer records. It includes extremely important additional domains such as management of prospect data, suppliers, employees, business partners and contract data that support the maintenance of this information while it is in effect during the period of its execution, in addition to performing the automated management of the framework for use. cool. In addition, it is prepared to promote the management of consent, permission declared by the holder and referenced in external databases that will be populated for this purpose (consent reference bases and other legal hypotheses such as current contracts and legal obligations).

In this way, the LGPD SUITE HUB, which stores the master record of each holder, allows the implementation of all functionalities related to legal requirements, centrally maintaining control of the legal framework of this data in all cases provided for by the regulation and which will be listed. at design time. Thus, from the unified data with the references in each source system, contract information and framing in the 10 legal hypotheses for its treatment, it will be possible to subsidize its use and the impact reports required by the new Law.

Governance, process-based quality management, and personal data lifecycle (IBM Information Server® components, MD2 Quality Manager)
The effective support of other components aims to sustainably meet the demand for adherence to Law 13,709/2018.

The IBM InfoSphere Information Server® platform

It helps in understanding the available data assets and creating a common vocabulary between the business areas and technology professionals that support the company's computing park. The management of intermediate treatments, as well as the definition of those responsible for each business term or data element, are some characteristics that demonstrate the importance of this module in the context of the solution. In addition, it establishes a vision of data governance based on corporate policies that encourage the involvement of people in governance processes by establishing a vision of responsibility for each system or processing step, thus encouraging collaboration.

The MD2 Quality Manager component
Responsible for the treatment routines and dashboards with verification and reaction indicators when the existing data in the LGPD HUB do not reach a minimum degree of framing in the legal hypotheses of use. Thus, rules and flow of processes for purging or anonymizing unauthorized data will be parameterized and executed. This component is also responsible for performing individual data purge in case of an explicit request from a client for this purpose.

• Quality management platform that allows the formalization and management of processes, including mapping and management of risks, occurrences, process execution guidelines and provision of indicators associated with relevant facts for the protection of personal data. This component will be essential to comply with the requirement of Law 13,709 described in Art. 5 and 48 and support governance in general.

• Offers platform analytics and general exploration capability of the LGPD HUB. This module provides users and/or governance committees with a unified interface focused on data management and curation. The monitoring of indicators promoted by this module consolidates and translates the level of risk involved in these situations of non-compliance.

Data Exposure Services (Data Services)
The new Law makes clear the need for transparency towards data subjects in relation to the data kept in their systems and the purpose for which they are used. The data exposure component (Data Services) of the solution is considered a set of routines to facilitate the company's activities to satisfy the demand of the new Law to provide information to holders about existing data in a simplified and ostensible way. The holders may request a report on what data the company holds about them and what treatments these data are submitted, including requesting changes to these data, their deletion or just consent adjustments for the treatments.


LGPD Clinic: a complete project, prepared by a team of experts in the health segment!

Don't waste any more time! Fill in your details and talk to our experts.

bottom of page