Artifact GuideBrazilChecklist

Brazil LGPD Checklist

Use this checklist to validate notices, controls, workflows, records, and escalation points before go-live, periodic reviews, or enforcement preparation.

Use this section to define scope, owner, evidence inputs, and the review outcome before execution.

Back to main artifactReview sources
Author
Sorena AI
Published
May 9, 2026
Updated
May 9, 2026
Sections
3

Structured answer sets in this page tree.

Primary sources
6

Cited legal and guidance references.

Publication metadata
Sorena AI
Published May 9, 2026
Updated May 9, 2026
Overview

Use this page to turn the LGPD into a practical checklist for product, legal, privacy, security, and compliance teams. It helps you confirm the trigger, owner, deadline, evidence, and review path before go-live or periodic review.

Section 1

How should a Checklist workflow run under the Brazil LGPD?

Run the workflow as LGPD processing triage: role, purpose, lawful basis, data category, right/transfer/incident trigger, required action, evidence, and DPO review.

  • Capture the request, product, role, data flow, jurisdiction, and deadline.
  • Check the source-linked rule and route exceptions before implementation.
  • Record the action taken, owner, reviewer, evidence location, and next review date.
  • Keep a plain-language output that support, product, legal, security, and compliance teams can all understand.
Sources for this answer
LEI Nº 13.709, DE 14 DE AGOSTO DE 2018
Primary LGPD source for checklist fields such as role, purpose, lawful basis, data category, rights handling, security, and accountability evidence.
PORTARIA ANPD N° 35, DE 4 DE NOVEMBRO DE 2022
ANPD internal-regulation source used to route checklist escalation, authority ownership, and governance review steps.
RESOLUÇÃO CD/ANPD Nº 4, DE 24 DE FEVEREIRO DE 2023
ANPD sanctions-regulation source used to connect checklist gaps with enforcement-risk and remediation evidence.
Section 2

What fields should the Brazil LGPD checklist template capture?

A useful template captures role, purpose, lawful basis, data subject, category, transfer or incident trigger, owner, evidence, and ANPD/DPO escalation note.

  • Source URL and source quote.
  • Entity, product, service, system, data category, and user group.
  • Decision result, control action, owner, reviewer, due date, and escalation reason.
  • Evidence attachment, approval note, exception note, and review cadence.
Sources for this answer
PORTARIA ANPD N° 35, DE 4 DE NOVEMBRO DE 2022
ANPD internal-regulation source used to route checklist escalation, authority ownership, and governance review steps.
RESOLUÇÃO CD/ANPD Nº 4, DE 24 DE FEVEREIRO DE 2023
ANPD sanctions-regulation source used to connect checklist gaps with enforcement-risk and remediation evidence.
Resolução CD/ANPD nº 2, de 27 de janeiro de 2022
ANPD small-processing-agent regulation for simplified processing records and essential security measures under the LGPD.
Section 3

How should teams review and improve the Brazil LGPD checklist workflow?

Review the workflow after ANPD guidance, new vendors, new purposes, cross-border changes, incidents, complaints, or changes to data-subject channels.

  • Track recurring exception categories and update intake questions.
  • Remove fields that never affect the decision.
  • Add fields when reviews show missing source evidence or unclear ownership.
  • Confirm generated markdown and page content include the same visible source-linked guidance.
Sources for this answer
LEI Nº 13.709, DE 14 DE AGOSTO DE 2018
Primary LGPD source for checklist fields such as role, purpose, lawful basis, data category, rights handling, security, and accountability evidence.
PORTARIA ANPD N° 35, DE 4 DE NOVEMBRO DE 2022
ANPD internal-regulation source used to route checklist escalation, authority ownership, and governance review steps.
RESOLUÇÃO CD/ANPD Nº 4, DE 24 DE FEVEREIRO DE 2023
ANPD sanctions-regulation source used to connect checklist gaps with enforcement-risk and remediation evidence.
GUIA ORIENTATIVO SOBRE SEGURANÇA DA INFORMAÇÃO PARA AGENTES DE TRATAMENTO DE PEQUENO PORTE
Official ANPD guide for practical security controls and checklist evidence for small processing agents under the LGPD.
Recommended next step

Turn Brazil LGPD Checklist into assigned work

This artifact page provides practical inputs, owner roles, required outputs, and evidence checkpoints for checklist.

Assessment workflow
Open Assessment Autopilot for Brazil LGPD

Turn Checklist into scoped questions, evidence fields, and review tasks.

Explore next step
Research workflow
Review Brazil LGPD source evidence

Use Research Copilot to answer follow-up questions with cited source material.

Explore next step
Talk to Sorena
Talk through implementation

Review scope, evidence, owners, and the next compliance actions with operational practice.

Explore next step
Primary sources

References and citations

LEI Nº 13.709, DE 14 DE AGOSTO DE 2018
planalto.gov.br
Referenced sections
  • Primary LGPD source for checklist fields such as role, purpose, lawful basis, data category, rights handling, security, and accountability evidence.
"Esta Lei dispõe sobre o tratamento de dados pessoais, inclusive nos meios digitais, por pessoa natural ou por pessoa jurídica."
PORTARIA ANPD N° 35, DE 4 DE NOVEMBRO DE 2022
in.gov.br
Referenced sections
  • ANPD internal-regulation source used to route checklist escalation, authority ownership, and governance review steps.
"Aprova o Regimento Interno da Autoridade Nacional de Proteção de Dados - ANPD."
RESOLUÇÃO CD/ANPD Nº 1, DE 28 DE OUTUBRO DE 2021
in.gov.br
Referenced sections
  • ANPD procedural-regulation source for handling data-subject requests and authority-facing process records.
"Seção III Do Recebimento de Requerimentos [FOOTER/URL] Page 7/14 RESOLUÇÃO CD/ANPD Nº 1, DE 28 DE OUTUBRO DE"
Resolução CD/ANPD nº 2, de 27 de janeiro de 2022
gov.br
Referenced sections
  • ANPD small-processing-agent regulation for simplified processing records and essential security measures under the LGPD.
"medidas administrativas e técnicas essenciais e necessárias"
RESOLUÇÃO CD/ANPD Nº 4, DE 24 DE FEVEREIRO DE 2023
in.gov.br
Referenced sections
  • ANPD sanctions-regulation source used to connect checklist gaps with enforcement-risk and remediation evidence.
"aprova o Regulamento de Dosimetria e Aplicação de Sanções Administrativas."
Related guides

Explore more topics

Brazil LGPD Anpd Enforcement And Fines Guide
Brazil LGPD guidance for Anpd Enforcement And Fines, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Applicability Test Guide
Practical guidance for the Brazil LGPD applicability test, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Breach Notification Guide
Brazil LGPD guidance for Breach Notification, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Compliance Guide
Practical guidance for the Brazil LGPD compliance, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Controller Operator And DPO Roles Guide
Brazil LGPD guidance for Controller Operator And DPO Roles, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Data Subject Rights Guide
Brazil LGPD guidance for Data Subject Rights, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Deadlines and Compliance Calendar Guide
Brazil LGPD guidance for Deadlines and Compliance Calendar, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD DSAR Response Template Guide
Brazil LGPD guidance for LGPD DSAR Response Template, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD DSAR Workflow Guide
Brazil LGPD guidance for DSAR Workflow, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Incident Reporting To Anpd Guide
Brazil LGPD guidance for Incident Reporting To Anpd, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Incident Workflow Guide
Brazil LGPD guidance for Incident Workflow, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD International Transfer Mechanisms Guide
Brazil LGPD guidance for International Transfer Mechanisms, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD International Transfers Guide
Brazil LGPD guidance for International Transfers, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Lawful Bases Guide
Brazil LGPD guidance for Lawful Bases, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Legal Bases And Legitimate Interest Balancing Guide
Brazil LGPD guidance for Legal Bases And Legitimate Interest Balancing, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD penalties and fines Guide
Brazil LGPD guidance for penalties and fines, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Privacy Law FAQ
Practical guidance for the Brazil LGPD FAQ, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Requirements Guide
Practical guidance for the Brazil LGPD requirements, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Ripd And DPIA Evidence Guide
Brazil LGPD guidance for Ripd And DPIA Evidence, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Ripd Workflow Guide
Brazil LGPD guidance for Ripd Workflow, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Small Processing Agents Guide
Brazil LGPD guidance for Small Processing Agents, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Templates Guide
Practical guidance for the Brazil LGPD templates, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD Transfer Workflow Guide
Brazil LGPD guidance for Transfer Workflow, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD vs CCPA Guide
Brazil LGPD guidance for LGPD vs CCPA, with practical decisions, evidence, edge cases, and external source citations.
Brazil LGPD vs GDPR Guide
Brazil LGPD guidance for LGPD vs GDPR, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Children's Data under the Brazil LGPD?
Brazil LGPD guidance for Children's Data, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Controller Operator And DPO Roles under the Brazil LGPD?
Brazil LGPD guidance for Controller Operator And DPO Roles, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Cookies under the Brazil LGPD?
Brazil LGPD guidance for Cookies, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Incident Reporting To ANPD under the Brazil LGPD?
Brazil LGPD guidance for Incident Reporting To ANPD, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about International Transfer Mechanisms under the Brazil LGPD?
Brazil LGPD guidance for International Transfer Mechanisms, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Legal Bases under the Brazil LGPD?
Brazil LGPD guidance for Legal Bases, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Legitimate Interest Balancing under the Brazil LGPD?
Brazil LGPD guidance for Legitimate Interest Balancing, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Ripd And DPIA under the Brazil LGPD?
Brazil LGPD guidance for Ripd And DPIA, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Sanctions Methodology under the Brazil LGPD?
Brazil LGPD guidance for Sanctions Methodology, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Small Processing Agents under the Brazil LGPD?
Brazil LGPD guidance for Small Processing Agents, with practical decisions, evidence, edge cases, and external source citations.