Technological advancements have transformed all aspects of life, generating a large volume of data that companies collect and use to make decisions. With increasing connectivity, data protection has become crucial, leading countries to adopt laws to protect sensitive data. For instance, Brazil created Law No. 13,709 of August 14, 2018—the General Data Protection Law (LGPD), which follows the European General Data Protection Regulation (GDPR) model. The LGPD aims to protect personal data and ensure privacy by imposing obligations on organizations that handle such data. In this context, the objective of this work is to create a framework with indicators that can generate reports or dashboards, providing a diagnostic of the organization to help identify its maturity level. This framework will aid in monitoring and improving the collected data, supporting the entire implementation process from initial to advanced maturity stages of the LGPD in companies. The results highlight that the development, implementation, and continuous evolution of such tools are essential for strengthening the culture of privacy within organizations and ensuring compliance with the legal obligations established by the LGPD. Awareness of the importance of data privacy and security is essential, as some people do not understand the risks associated with sharing sensitive information. Implementing the LGPD is challenging, requiring cultural changes and investments in information security. Companies must stay updated on the law to ensure compliance and avoid sanctions.
