LGPD · Chapter VII — Security and good practices

Art. 46 Security measures

Adopt technical and administrative security measures to protect personal data from unauthorized access and accidental or unlawful destruction, loss, alteration or disclosure.

Mapped across 22 provisions

Equivalent and related requirements in other frameworks and regulations.

CCPA / CPRARelatedCurated
§1798.150 Duty to implement reasonable security
Risk assessment & management
CIS Controls v8PartialCurated
3.11 Encrypt sensitive data at rest
Cryptography & data protection
DORAPartialCurated
Art. 9 Protection and prevention
Cryptography & data protection
DORARelatedCurated
Art. 6 ICT risk management framework
Risk assessment & management
GDPRPartialCurated
Art. 32 Security of processing
Cryptography & data protection
GLBAPartialCurated
§314.4(c)(3) Encryption of customer information
Cryptography & data protection
HIPAAPartialCurated
§164.312(e)(1) Transmission security
Cryptography & data protection
HIPAARelatedCurated
§164.308(a)(1) Security management process
Risk assessment & management
ISO 27001PartialCurated
A.8.24 Use of cryptography
Cryptography & data protection
NIS2PartialCurated
Art. 21(2)(h) Cryptography and encryption
Cryptography & data protection
NIS2RelatedCurated
Art. 21(2)(a) Risk analysis and information system security policies
Risk assessment & management
NIST 800-171PartialCurated
3.13.11 Employ FIPS-validated cryptography
Cryptography & data protection
NIST 800-171RelatedCurated
3.11.1 Periodically assess risk
Risk assessment & management
NIST 800-53PartialCurated
SC-8 Transmission confidentiality and integrity
Cryptography & data protection
NIST 800-53PartialCurated
SC-28 Protection of information at rest
Cryptography & data protection
NIST 800-53RelatedCurated
RA-3 Risk assessment
Risk assessment & management
NIST CSF 2.0PartialCurated
PR.DS-01 Confidentiality of data-at-rest protected
Cryptography & data protection
NIST CSF 2.0PartialCurated
PR.DS-02 Confidentiality of data-in-transit protected
Cryptography & data protection
NIST CSF 2.0PartialCurated
ID.RA-01 Vulnerabilities identified and recorded
Risk assessment & management
PCI DSSPartialCurated
Req. 3 Protect stored account data
Cryptography & data protection
PCI DSSPartialCurated
Req. 4 Protect cardholder data with strong cryptography during transmission
Cryptography & data protection
SOC 2PartialCurated
CC6.7 Restricting data transmission
Cryptography & data protection

← All LGPD articles