data privacy star

Luiz Oliveria on the Importance of Data Maps when Building Privacy Programs

Privado celebrates the work of Luiz this Data Privacy Day.

Privacy and Incidents Development Specialist

About

Luiz is a Privacy and Incidents Development Specialist at Hotmart. He's previously served as a Full Stack Developer at Eteg, and at UFMG.

Luiz Oliveira
"Once you know where the data is, then you can enumerate how critical that data is."

What is your role and how does it relate to ensuring data privacy?

I'm a developer specialist focused on privacy and cybersecurity. It's part of my job to analyze and help the teams to build applications that are secure with less personal data as possible.

Tell us about your approach to building privacy programs

A privacy program needs to have people dedicated to building your privacy program and, for me, a DPO and a governance team to be good references for your company. After you get it, the people are always good to have a place where people can ask questions or search for an answer that has already been made.

Tell us about your approach to measuring and prioritizing data privacy risks

To measure, the best thing to do is create a data map that shows where your data is, so try to create automation from every part code, database, and contract. Knowing where your data is, you can define the risk by type of data, like who had access to this part, how easy is to create a dump and upload, which apps are using this data, and what are their security levels. 

What has surprised you the most about your privacy work? 

The size and depth of this area impressed me. Working in privacy is dynamic and ongoing. From a legal standpoint, new laws are surfacing, and we must adhere to them. Teams working on developing software continually produce new databases and applications that aren't completely privacy compliant. It's a never-ending task to detect these anomalies and capacitate teams automatically!

What are some challenges you have faced and how have you overcome them?

How to ensure that our existing data is privacy compliant is one of the main issues. The volatility and continual growth of our data make manual approaches nearly impossible. The data governance team's automation, the concentration of critical data in single databases, and team capacity building through internal training help us to continuously solve this issue.

Who are other stakeholder teams, and how do you engage and interact with them to solve data privacy concerns?

We have a DPO that gives us a lot of information and helps us manage data and how to be compliant in the organization, and a data governance team that helps us to create automatizations and improve our process to accomplish the next level.

For all privacy practitioners, privacy engineers and/or security folks out there, what are some best practices to share or pitfalls to avoid when trying to ensure data privacy?

My recommendation is to learn about the process and understand the maximum before starting to implement, you need a solid background to make the process and avoid the maximum exposure you can.


The best approaches, in my opinion, are to capacitate teams with data training, collaborate with cybersecurity teams to create policies to make data safe, and routinely audit your data.

Predictions - what do you see coming in 2023 for data privacy?

I think that would be some new regulations CCPA was the first one in the US, and this year some states will release theirs, another thing is the restrictions on website cookies, we live a long period of data tracking using this feature, and last year this type of use is going to be less common, but this doesn't mean that the company will not track your data this will be done in another way and everyone should be warned about it.


The last thing is about the jobs that are data privacy related these jobs will be more common in every organization in 2023, so expect to see more open positions too.

What’s one thing everyone who has a Data Privacy mandate should keep in mind during Data Privacy Day?

It's a work in progress, and your first solution won't be the last one you made, new regulations and concepts are being developed right now so changes will be necessary to your solution.

A feature by Privado on Data Privacy Day 2023

Stay updated with future events and resources

Get updates on email

Stay up to date with our Data Privacy events and gatherings, and when new insights are published.

By submitting your email you agree to our Terms of Service and Privacy Policy.
Thank you for subscribing, we have sent a confirmation email to your inbox
Oops! Something went wrong while submitting the form.

We are also on Slack

Connect with like-minded professionals and learn from the best in the field of data privacy.

This button will direct you to the invite page of the Privado Community on Slack.

More about the event

Who are Data Privacy Stars?

Data Privacy Stars are innovative privacy champions who have a grasp of today’s challenges and can project a vision about what should come next. ‘Privacy All Stars' are professionals with considerable data privacy-related achievements accumulated over the years, while 'Privacy Rising Stars’ are passionately driving data privacy initiatives.

Data Privacy Stars are innovative privacy champions who have a grasp of today’s challenges and can project a vision about what should come next. ‘Privacy All Stars' are professionals with considerable data privacy-related achievements accumulated over the years, while 'Privacy Rising Stars’ are passionately driving data privacy initiatives.

How is Privado celebrating Data Privacy Day?

Privado is celebrating Data Privacy Day by recognizing individuals doing outstanding work in implementing innovative privacy programs. As part of its Data Privacy Stars campaign, Privado has planned a series of activities to celebrate and recognize these individuals.

Privado is celebrating Data Privacy Day by recognizing individuals doing outstanding work in implementing innovative privacy programs. As part of its Data Privacy Stars campaign, Privado has planned a series of activities to celebrate and recognize these individuals.

What does it mean to be a Data Privacy Star?

The ‘Data Privacy Star’ recognition validates individuals who receive it as innovative privacy champions who have a grasp of today’s challenges and can project a vision about what should come next.

The ‘Data Privacy Star’ recognition validates individuals who receive it as innovative privacy champions who have a grasp of today’s challenges and can project a vision about what should come next.

What activities does the program entail?

As part of the Data Privacy Stars campaign, Privado has planned a series of activities to celebrate and recognize the privacy stars. These include a series of 10-minute video interviews called 'Star Insights', a microsite featuring Data Privacy Stars, celebrating the Privacy Stars on the NASDAQ Billboard, exclusive Data Privacy Week Dinners in the US and Europe, and ongoing engagement on the Privado Community.

As part of the Data Privacy Stars campaign, Privado has planned a series of activities to celebrate and recognize the privacy stars. These include a series of 10-minute video interviews called 'Star Insights', a microsite featuring Data Privacy Stars, celebrating the Privacy Stars on the NASDAQ Billboard, exclusive Data Privacy Week Dinners in the US and Europe, and ongoing engagement on the Privado Community.

I still have questions, who can I connect with?

If you have any questions or want to know more about the Data Privacy Stars campaign, you can reach out to Privado on hello@privado.ai.

If you have any questions or want to know more about the Data Privacy Stars campaign, you can reach out to Privado on hello@privado.ai.