The Autoridade Nacional de Proteção de Dados (ANPD) is proposing an adaption to the current data protection rules for small and medium-sized enterprises. 

ANPD Director Arthur Pereira Sabbat indicated that the drafting process is still in its early stages with “several ideas” being considered. 

“The idea is to put something on the shoulders of small and medium enterprises (SMEs) that is feasible to them,” said Sabbat on Thursday at the E-Cyber Security Forum. 

Sabbat explained that often smaller businesses divert staff from commercial and other core functions to data protection duties - which is not the ANPD’s aim. The adaption will aid small and medium enterprises in complying with the General Data Protection Regulations at a minimal level.

A survey conducted by Brazilian martech RD Station revealed that of 1,100 SMEs polled, only 35% of companies said they were feeling prepared to meet the data protection requirements - whilst 65% admitted that their businesses did not comply with the new regulations. 

The first draft will be discussed in a consultation to be launched in the next three weeks.


PrivSec Global

Make sure to register to PrivSec Global and hear thought-leaders discuss and debate regulatory developments in America.

Must see sessions include:

  • America Focus: Caribbean Data Protection and Privacy Regulations | 22 June at 4:00pm BST | 5:00pm CEST | 11:00pm HK

  • America Focus: LGPD: Compliance, Enforcement and the Impact of South American Privacy Laws | 22 June at 6:00pm BST | 7:00pm CEST | 1:00am 

  • Middle East and North Africa Focus: Data Protection and Privacy Regulations Across the Region | 23 June at 9:00am BST | 10:00am CEST | 4:00pm