You are here

Brazil

Country:
Survey Answer:

This first set of laws and administrative measures apply to the public administration.
• Decree nº 3,505/2000
Institutes IT policy in the public administration.
• Instruction GSI/PR nº 1 from June 13, 2008.
Addresses IT and Communication’s policy in the public administration.
• Complementary Regulation nº 05/IN01/DSIC/GSIPR
Designates teams to treat and respond to IT incidents within the public administration.
• Instruction GSI/PR nº 2 from February 5, 2008.
Addresses security accreditation for handling classified information in the public sphere.
• Complementary Regulation nº 08/IN01/DSIC/GSIPR
Designates standards regarding IT incidents within the public administration.
• Complementary Regulation nº 21/IN01/DSIC/GSIPR
Designates standards regarding the collection and preservation of evidences of IT incidents within the public administration.
This second set of laws and administrative measures also apply to the civil society.
• Law No. 12,737/2012
Promoted changes in the Brazilian Penal Code, typifying computer crimes such as improper invasion, data access and modification.
• Regulation No. 4,658/2018
Sets forth rules for the hiring of relevant cloud computing services, data processing and storage, and cyber security policies, applicable to all financial institutions and/or those authorized to operate by the Brazilian Central Bank.

Provided By:
Renato Opice Blum, Opice Blum, Bruno, Abrusio e Vainzof Advogados Associados