Banca de DEFESA: NAJARA MARA NASCIMENTO DE PAULA
Uma banca de DEFESA de MESTRADO foi cadastrada pelo programa.STUDENT : NAJARA MARA NASCIMENTO DE PAULA
DATE: 28/05/2024
TIME: 08:00
LOCAL: https://meet.google.com/mhj-yxhb-ukb
TITLE:
INFORMATION SECURITY UNDER THE PRECEPTS OF THE GENERAL DATA PROTECTION LAW: CASE STUDY IN THE LIGA NORTE RIOGRANDENSE CONTRA O CÂNCER
KEY WORDS:
information security; general data protection law; Liga Norte Riograndense Contra o Câncer.
PAGES: 130
BIG AREA: Ciências Sociais Aplicadas
AREA: Ciência da Informação
SUMMARY:
Organizations have become large information centers and there are many purposes that justify the processing of data by companies. Information can be a relevant asset in organizations, when treated correctly during its life cycle, it adds value and becomes relevant to organizational processes, this fact strengthens the possibility of companies’ success. But the constant use of mass data, if not well managed, is capable of causing irreparable damage to society, it is necessary to take care of the data to avoid misuse by unauthorized people. For this purpose, the General Data Protection Law (LGPD) comes into force in Brazil. Thus, this research addresses how the area of Information Security contributes to LGPD compliance in the Liga Norte Riograndense Contra o Câncer (LIGA) hospital network. With the aim of proposing actions to adapt the General Data Protection Law, through the application of Information Security guidelines to employees of the Liga Norte Riograndense Contra o Câncer, through Business Process Management. Specifically, it aims to: a) Identify personal and sensitive personal data that are used in LIGA sectors and in which processes; b) Map the processes that are linked to personal and sensitive personal data; c) Adapt irregular processes mapped in accordance with the LGPD, based on a Business Process Management (BPM) methodology; d) Propose a checklist with recommendations for projects to adapt to LGPD in hospitals. The theoretical framework is formed by the historical and conceptual contextualization of the themes: General Data Protection Law, information security, business process management, as well as highlighting data protection in the healthcare area. Exploratory in nature, the research uses inductive and case study methods, applying data collection techniques: action research, standardized interviews using forms and business process management. The forms was created with the participation of the LIGA Data Protection Committee, made up of a multidisciplinary team from the institution. The universe is made up of forty-one sectors, distributed across four major areas: patient experience coordination, medical coordination, infrastructure coordination and oncology school. It presents a general analysis of LIGA, with regard to the processing of data carried out in the sectors with the LGPD guidelines, identifies irregular processes and guides, based on phases and stages of the BPM, the compliance of the processes with the Law. As an intervention project, it proposed a check list with recommendations based on Information Security and LGPD for hospitals of the same size or similar to LIGA. It is concluded that LIGA has good maturity in most stages of the information life cycle in its processes, but points such as storage, storage period and disposal need attention. The need to insert new activities into existing processes and create new processes to meet the institution’s compliance with the LGPD was noted.
COMMITTEE MEMBERS:
Presidente - 1132649 - GABRIELLE FRANCINNE DE SOUZA CARVALHO TANUS
Interno - 2087429 - PEDRO ALVES BARBOSA NETO
Externo à Instituição - DAVIS SOUZA ALVES
Externa à Instituição - ELISÂNGELA CRISTINA AGANETTE