Information Security and Fraud Protection
In recent years, Information Security is no longer na exclusive topic of IT and gained ground among the high ranks of companies, and demanded legal attention to deal with the issue of monitoring and privacy in corporate environments, specially to determine its conformity with the current Brazilian laws.
The subject of Information Security is extremely relevant to protect businesses and activities of Organizations, and involves the work of our experts in three different levels: Technology, Processes and People.
We emphasize that all documentation related to Information Security must be in legal compliance, aligning technical and legal aspects to protect operational procedures, and avoid matters related to privacy violations, monitoring, obtaining illegal evidence, loss of electronic evidence due to inappropriate collection, among others.
- Legal opinion and technical due diligence of the stage of maturity of the institution’s information security;
- Development and implementation of Information Security Management System, encompassing Information Security Policies, standards, procedures and contractual clauses;
- Development of BYOD Policy and mobility norms;
- Development and reviewing of the IT Code of Ethics, the Employee Code of Conduct, and other legal instruments to respond to new safety and labor issues brought about by the use of social networks and mobility tools;
- Development of Social Media Policy;
- Supporting and conducting awareness campaigns on Information Security for managers and teams with lectures and development of brochures, interactive content and online education to address large audiences;
- Development of Non-Disclosure Agreements;
- Support and participation in committees or information security groups;
- Legal advice on Digital Law to ensure that the performance of IT and InfoSec are aligned with the standards ABNT NBR ISO IEC 27001:2006, 27002:2005 and 18044, ITIL and the Brazilian legislation into force.
Legal support for compliance in information security, tracking regulatory documents, public consultations and managing institutional relations with public authority.