“To be compliant with the Brazilian General Data Protection Law (LGPD) is a temporary status, which should be maintained on a day-to-day basis. In other words, there is no final line in the LGPD compliance program, since new projects and business plans should always be evaluated according to the new data protection rules and principles.”
True for preparing for the new Brazil privacy law. Equally true for preparing for the California Consumer Privacy Act (CCPA) and for continued compliance with GDPR.
Details from the International Association of Privacy Professionals.