A aplicação da Lei Geral de Proteção de Dados pessoais nas Instituições Federais de Ensino Superior à luz da abordagem sociotécnica

Detalhes bibliográficos
Ano de defesa: 2022
Autor(a) principal: Souza, Taciana Rita Santos
Orientador(a): Não Informado pela instituição
Banca de defesa: Não Informado pela instituição
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: por
Instituição de defesa: Universidade Federal da Paraíba
Brasil
Administração
Programa de Pós-Graduação em Administração
UFPB
Programa de Pós-Graduação: Não Informado pela instituição
Departamento: Não Informado pela instituição
País: Não Informado pela instituição
Palavras-chave em Português:
Link de acesso: https://repositorio.ufpb.br/jspui/handle/123456789/26407
Resumo: This research aimed to evaluate the difficulties of the LGPD implementation and optimization process in the Federal Institutions of Higher Education (IFES), in the light of the Sociotechnical Approach. At first, performing the RSL provided credits to understand the main discussions existing in the literature on the LGPD. The empirical study, on the other hand, is qualitative and exploratory, and the document analysis covered the period from August 2020 to August 2022. As procedures for data collection and analysis, semi-structured interviews were carried out using the “snowball” method. with Directors or Superintendents of the Information Technology area, personal data officers and members of commissions or technical working groups directly involved in the process of implementing and supervising the LGPD. In total, 26 civil servants from 18 IFES in the following regions of the country were taken: North, Northeast, Midwest and Southeast. In order to achieve the established objectives, four analytical categories were defined for the content analysis: 1) Organization; 2) Management; 3) Privacy and Security; and 4) Process Mapping. The enthusiastic results are that only four IFES are at the most advanced level for the LGPD, having already implemented their privacy policy, while the majority only have minimal initiatives for the protection of personal data. With regard to the applicability of the LGPD principles, more emphasis was placed on the following: security, intuition, need, necessity and prevention, which were of greater attention by the institutions in the process of implementing and improving the LGPD. According to the results, factors such as the lack of personnel, budgetary difficulties, training of servers, the procedural flow and the absence of systems for receiving remission or forwarding actions for the processing of personal data are presented as challenges to be addressed faced. Added to this are aspects related to organizational culture and the organization of tasks, which also make it difficult to achieve compliance. As for future recommendations, it is suggested to explore other organizations defining parameters to achieve effective compliance. It is expected that the results discussed can be enriched with the inclusion of actors who were not present in the data analysis, such as the servers that are allocated in the following sectors: People Management, Legal Advocacy, Education, Tenders and Contracts in the IFES.