Papers & Books

Do foreign enterprises have to store their data in Vietnam? In this day and age, data in general is increasingly becoming more and more valuable. Most service-based companies live off data collected from their clients, prime examples of this type of companies include social media networks such as Facebook or search engines such as Google […]

Data privacy in Vietnam’s medical examination and treatment Confidentiality of information in medical examination and treatment activities is an paramount issue. Leakages of patients’ information will negatively affect the patient’s psyche and could lead to many unwanted consequences. Such events also degrades the reputation of medical examination and treatment facilities in the eyes of patients. […]

Data protection impact assessment – statutory obligation for enterprises The introduction of Decree No. 13/2023/ND-CP on Protection of Personal data (“the Decree”) has substantially altered the responsibilities of enterprises and organizations related to personal data protection, including the obligation to assess the impact of personal data processing. Here are some important contents on the data protection impact […]

Cross-border data transfer – for a seamless flow of data Decree 13/2023/ND-CP on the Protection of Personal Data (“Decree”) has finally been issued with many completely new regulations designed to protect personal data and control the “flow” of personal data, as well as set obligations that every business must comply with. In particular, an issue […]

Personal data breaches in Vietnam Personal data[1] is of great value in today’s digital economy due to its advantages for businesses, such as market and customer analysis, advertising, product marketing, etc. Therefore, violations related to personal data such as attacks on personal data systems, and theft or trading of personal data have been increasing. Meanwhile, most […]

Sensitive personal data in Vietnam Personal data requires particular protection in this digital age. In particular, sensitive personal data is even more vulnerable, easy-attacked and easy-abused; creating negative effects on data subjects and the whole society. Therefore, it is necessary to build a legal system to protect personal data in general and sensitive data in […]

Designating data protection officer – new obligation on enterprises Obligations related to data protection that enterprises and organizations must comply with would completely change since the effective date of Decree No. 13/2023/ND-CP on Personal Data Protection (“Decree”). One obligation is to designate a department functioned with personal data protection, to appoint personnel in charge of […]

Regulations on consumers’ information protection according to the law on protection of consumers’ rights 2023 On June 20, 2023, the National Assembly passed the Law on Protection of Consumers’ Rights No. 19/2023/QH15 (“LPCR”), effective from July 1, 2024, replacing the Law on Protection of Consumers’ Rights No. 59/2010/QH12. The new LPCR has set many requirements […]