Annually, the Association conducts approximately 80 million examinations. Nationwide, this volume has been increasing, which also generates a growing demand for the processing of patient data.
The data protection-as-a-service market is expected to grow at an annual rate of 24,30% between 2021 and 2028. This is according to research by Data Bridge Market Research, which also forecasts a total of $83,17 billion within three years. Alongside this concern for data protection and privacy, the healthcare sector is also registering significant growth.
In Brazil alone, according to data from ABRAMED, patients used the Unified Health System (SUS) and supplementary health insurance to undergo 2,4 billion examinations in 2023, an 11% increase compared to the previous year. And the trend, according to experts, is that this volume will continue to increase as the population gets older.
Given this scenario, the need to process these patients' data, as well as their medical records, is urgent. “Data protection in itself is already an extremely important issue. But when it comes to health, culturally it's easier for people to realize this and be aware of it. Both regarding medical history and an exam that may contain sensitive patient information, it's noticeable that common sense is imbued with a greater concern for privacy. Therefore, it becomes even more strategic for companies in the sector to prepare and comply with the LGPD (Brazilian General Data Protection Law), as they may face greater scrutiny, be more in the spotlight of public opinion, and even oversight,” analyzes Aline Deparis, CEO of Privacy Tools.
With a comprehensive scope in the healthcare field, the Research Incentive Fund Association (AFIP), for example, performs approximately 80 million tests per year, with an installed capacity for up to 120 million. The institution performs about 8% of the tests for the Brazilian Unified Health System (SUS) nationwide and 40% of those belonging to the public network in the state of São Paulo, handling a massive volume of sensitive data daily.
Considered the largest clinical analysis laboratory in the SUS (Brazilian Public Health System) outpatient network and with approximately 3.500 employees, AFIP relies on Privacy Tools to comply with the General Data Protection Law (LGPD). After experimenting with other solutions, the Association found in the company a platform that combines ease of use, efficiency, and excellent cost-effectiveness. Since implementing the Privacy Tools solution, the management of data subject requests has undergone a significant transformation.
“Previously, the team faced challenges in monitoring and adequately responding to requests received by email, handling up to 200 daily requests for test results. This volume overwhelmed the team and made it difficult to control the responses sent,” explains Christian Higuchi, DPO of AFIP.
With the DSAR (Data Subject Access Request) module from Privacy Tools, AFIP gained complete control over data subject requests, drastically reducing the volume of demands. “In just a few months, the number of daily requests dropped significantly, reaching only 20 requests per month. This reduction was possible thanks to the visibility provided by the tool, allowing for more strategic and effective management of communication with patients,” celebrates Christian.
The Privacy Tools platform has also brought significant gains in cookie management and privacy policies. Before adopting the solution, AFIP did not have a structured system for cookie management. Today, with the platform, all policies are centralized and easily updated, ensuring compliance and transparency in data processing.
“The implementation optimized the management of consents and internal processes related to data protection, which is essential for an organization that handles highly sensitive information. Currently, AFIP manages a database with a large volume of patient data, each potentially containing multiple exams, making the security and traceability of information even more critical,” explains the DPO.
With Privacy Tools, AFIP has consolidated more efficient data management, ensuring not only compliance with the LGPD (Brazilian General Data Protection Law), but also greater security. “The agility in internal processes and the ease of use of the platform allows the Data Protection team to focus on strategies and continuous improvements, instead of wasting time on manual and bureaucratic tasks,” highlights Aline Deparis, CEO of Privacy Tools.
Adopting this tool reinforces AFIP's commitment to the privacy and security of patient data, promoting a safer and more efficient environment for everyone involved in the healthcare ecosystem.
Privacy Tools is a leading privacy governance platform in Brazil and a pioneer in offering solutions focused on the General Data Protection Law (LGPD).
Founded in 2019 by Aline Deparis and Marison Souza, it was created with the purpose of promoting a culture of responsibility, security, and compliance in data processing.
Since then, it has supported over 700 companies in building ethical and sustainable businesses, promoting data protection as a competitive differentiator. Its approach combines technology, innovation, and regulatory expertise to address the growing challenges of privacy and corporate governance.
Privacy Tools acts as a strategic partner throughout the compliance journey, offering tools and expertise that strengthen management, transparency, and alignment with best market practices.
