{"id":82,"date":"2024-06-01T13:34:24","date_gmt":"2024-06-01T13:34:24","guid":{"rendered":"https:\/\/aa.com.vn\/?page_id=82"},"modified":"2024-12-06T03:34:18","modified_gmt":"2024-12-06T03:34:18","slug":"data-protection-and-privacy-services","status":"publish","type":"page","link":"https:\/\/aa.com.vn\/vi\/services\/data-protection-and-privacy-services\/","title":{"rendered":"Data protection and privacy services"},"content":{"rendered":"
On the 17th of April the Vietnamese government published the Decree on Personal Data Protection (\u201cPDPD\u201d). The new regulation will come into effect on 1 July 2023. Prior to that date every business organization should perform a gap analysis between the current state of the data protection measures and the new requirements introduced by the PDPD.<\/h3>\n\n\n\n
As of the 1st of July 2023 the business entities will need to, among other things:<\/p>\n\n\n\n
\n
Have the valid consent of the individual persons to process their personal data (in accordance with the new PDPD requirements);<\/li>\n\n\n\n
Have appropriate internal procedures, agreements between data controllers and data processors, and required technical measures to meet the PDPD requirements.<\/li>\n\n\n\n
Assess whether the data it processes can be deemed sensitive;<\/li>\n\n\n\n
Prepare data protection impact assessments (in the way prescribed by PDPD) which must be submitted to the Ministry of Public Security.<\/li>\n\n\n\n
Prepare data protection impact assessments in relation to cross-border data transfers (these must also be submitted to the Ministry of Public Security);<\/li>\n<\/ul>\n\n\n\n
Selected key points of the PDPD include:<\/h2>\n\n\n\n
\n
New definitions\/concepts<\/strong> e.g. \u201cbasic personal data\u201d, \u201csensitive personal data\u201d, \u201cdata processor\u201d and \u201cdata controller\u201d;<\/li>\n\n\n\n
Data protection principles <\/strong>\u2013 Personal data should be processed in accordance with the principles of lawfulness, transparency, purpose limitation, data minimization, accuracy, integrity, confidentiality and accountability.<\/li>\n\n\n\n
Data subject notification<\/strong> \u2013 Data subjects must be notified about, among other things, the type of personal data that are collected, the purpose of collection and organisations that have access to the data etc;<\/li>\n\n\n\n
Data subject consent<\/strong> – The consent of the data subject is required to process personal data. The consent must be expressly made (silent default consent is not allowable) and can be partial or conditional. The data subject has the right to access and review his\/her personal data. If the data subject withdraws consent, then the relevant personal data must be deleted within 72 hours.<\/li>\n\n\n\n
Damage claims <\/strong>\u2013 Data subjects have the right to claim damages if their rights, as stated in the PDPD are infringed. Also, PDPD makes it illegal to collect, transfer, or sell personal data without the data subject\u2019s consent.<\/li>\n\n\n\n
Incident notification<\/strong> – Within 72 hours from a data breach or other violation of the PDPD, the personal data controller and the personal data controller cum processor are obliged to notify the Ministry of Public Security of the incident (including the measures taken to minimise the incident\u2019s consequences) using the form provided in the PDPD.<\/li>\n\n\n\n
Impact Assessment<\/strong> – Within 60 days of the date of data processing, organisations are required to prepare a personal data protection impact assessment. This must be done in accordance with the form provided in the PDPD, including information on the data controller and the data controller-cum-processor. The impact assessment is subject to evaluation by the Ministry of Public Security (Department of Cybersecurity and High-Tech Crime Prevention and Control). The impact assessment needs to be amended\/updated in case of any changes in the extent of the personal data processed by organisations.<\/li>\n\n\n\n
Transfer of personal data abroad:<\/strong> Transfer of personal data of Vietnamese citizens abroad requires preparation of a relevant impact assessment including a description of reasons, the purposes of transferring the data abroad and relevant consent of the data subjects. The impact assessment must also include a written data transfer agreement with the foreign entity which receives the data. Dossiers with impact assessments must be available for inspection at the organisation. One copy needs to be sent to the Ministry of Public Security within 60 days from the date of processing of personal data. The PDPD provides the form required for this type of impact assessment. Organisations are also required to update their impact assessment in case of changes (and send an update to the Ministry of Public Security). The Ministry of Public Security has the right to inspect the transfer of data abroad and may prohibit further transfers in case of noncompliance with PDPD.<\/li>\n\n\n\n
Protective measures<\/strong> \u2013 Every organisation needs to promulgate internal procedures on the protection of personal data in line with the PDPD requirements. There are also requirements in relation to network security systems and the ability to delete personal data within the 72 hour time window. The PDPD provides for a higher level of protective measures applicable in the case of organisations that process sensitive data and children\u2019s data.<\/li>\n\n\n\n
Sanctions<\/strong> – Lack of compliance with the PDPD may result in:\n
\n
Administrative sanctions for noncompliance with the PDPD.<\/li>\n\n\n\n
Criminal sanctions for certain acts infringing the right to privacy. <\/li>\n\n\n\n
Suspension of certain activities e.g. suspension of data transfer abroad.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<\/figure>\n\n\n\n
Who will be impacted by PDPD? Every company that processes personal data in Vietnam and abroad if a foreign entity processes personal data of Vietnamese residents.<\/strong><\/h2>","protected":false},"excerpt":{"rendered":"
On the 17th of April the Vietnamese government published the Decree on Personal Data Protection (\u201cPDPD\u201d). The new regulation will come into effect on 1 July 2023. Prior to that date every business organization should perform a gap analysis between the current state of the data protection measures and the new requirements introduced by the […]<\/p>","protected":false},"author":1,"featured_media":385,"parent":21,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"template-part\/protection-and-privacy.php","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-82","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"yoast_head":"\n
Data protection and privacy services - American Auditing<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/aa.com.vn\/vi\/services\/data-protection-and-privacy-services\/\" \/>\n<meta property=\"og:locale\" content=\"vi_VN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Data protection and privacy services - American Auditing\" \/>\n<meta property=\"og:description\" content=\"On the 17th of April the Vietnamese government published the Decree on Personal Data Protection (\u201cPDPD\u201d). The new regulation will come into effect on 1 July 2023. Prior to that date every business organization should perform a gap analysis between the current state of the data protection measures and the new requirements introduced by the […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/aa.com.vn\/vi\/services\/data-protection-and-privacy-services\/\" \/>\n<meta property=\"og:site_name\" content=\"American Auditing\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-06T03:34:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/damil-gettyimages-1086740156-1600.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u01af\u1edbc t\u00ednh th\u1eddi gian \u0111\u1ecdc\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 ph\u00fat\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/\",\"url\":\"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/\",\"name\":\"Data protection and privacy services - American Auditing\",\"isPartOf\":{\"@id\":\"https:\/\/aa.com.vn\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/damil-gettyimages-1086740156-1600.webp\",\"datePublished\":\"2024-06-01T13:34:24+00:00\",\"dateModified\":\"2024-12-06T03:34:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#breadcrumb\"},\"inLanguage\":\"vi\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"vi\",\"@id\":\"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#primaryimage\",\"url\":\"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/damil-gettyimages-1086740156-1600.webp\",\"contentUrl\":\"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/damil-gettyimages-1086740156-1600.webp\",\"width\":1600,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/aa.com.vn\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Services\",\"item\":\"https:\/\/aa.com.vn\/services\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Data protection and privacy services\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/aa.com.vn\/#website\",\"url\":\"https:\/\/aa.com.vn\/\",\"name\":\"American Auditing\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/aa.com.vn\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"vi\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Data protection and privacy services - American Auditing","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/aa.com.vn\/vi\/services\/data-protection-and-privacy-services\/","og_locale":"vi_VN","og_type":"article","og_title":"Data protection and privacy services - American Auditing","og_description":"On the 17th of April the Vietnamese government published the Decree on Personal Data Protection (\u201cPDPD\u201d). The new regulation will come into effect on 1 July 2023. Prior to that date every business organization should perform a gap analysis between the current state of the data protection measures and the new requirements introduced by the […]","og_url":"https:\/\/aa.com.vn\/vi\/services\/data-protection-and-privacy-services\/","og_site_name":"American Auditing","article_modified_time":"2024-12-06T03:34:18+00:00","og_image":[{"width":1600,"height":900,"url":"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/damil-gettyimages-1086740156-1600.webp","type":"image\/webp"}],"twitter_card":"summary_large_image","twitter_misc":{"\u01af\u1edbc t\u00ednh th\u1eddi gian \u0111\u1ecdc":"4 ph\u00fat"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/","url":"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/","name":"Data protection and privacy services - American Auditing","isPartOf":{"@id":"https:\/\/aa.com.vn\/#website"},"primaryImageOfPage":{"@id":"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#primaryimage"},"image":{"@id":"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#primaryimage"},"thumbnailUrl":"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/damil-gettyimages-1086740156-1600.webp","datePublished":"2024-06-01T13:34:24+00:00","dateModified":"2024-12-06T03:34:18+00:00","breadcrumb":{"@id":"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#breadcrumb"},"inLanguage":"vi","potentialAction":[{"@type":"ReadAction","target":["https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/"]}]},{"@type":"ImageObject","inLanguage":"vi","@id":"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#primaryimage","url":"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/damil-gettyimages-1086740156-1600.webp","contentUrl":"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/damil-gettyimages-1086740156-1600.webp","width":1600,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/aa.com.vn\/services\/data-protection-and-privacy-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/aa.com.vn\/"},{"@type":"ListItem","position":2,"name":"Services","item":"https:\/\/aa.com.vn\/services\/"},{"@type":"ListItem","position":3,"name":"Data protection and privacy services"}]},{"@type":"WebSite","@id":"https:\/\/aa.com.vn\/#website","url":"https:\/\/aa.com.vn\/","name":"American Auditing","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/aa.com.vn\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"vi"}]}},"_links":{"self":[{"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/pages\/82","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/comments?post=82"}],"version-history":[{"count":11,"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/pages\/82\/revisions"}],"predecessor-version":[{"id":1349,"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/pages\/82\/revisions\/1349"}],"up":[{"embeddable":true,"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/pages\/21"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/media\/385"}],"wp:attachment":[{"href":"https:\/\/aa.com.vn\/vi\/wp-json\/wp\/v2\/media?parent=82"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"https:\/\/aa.com.vn\/wp-content\/uploads\/2024\/10\/pdpd-journey.avif\")
<\/figure>\n\n\n\n