Here is the English translation of your content, localized for clarity and professional tone:
🔒 WHICH BUSINESSES ARE REQUIRED TO APPOINT A DATA PROTECTION OFFICER (DPO)?
👉 Under Decree No. 13/2023/NĐ-CP, any organization that processes sensitive personal data—such as health information, biometric data, financial data, religious beliefs, etc.—is required to appoint a Data Protection Officer (DPO) as a mandatory safeguard for handling such data.
Examples: fintech companies, hospitals, or businesses that process employee health records (a type of sensitive data) must all appoint a DPO.
👉 According to the draft Law on Personal Data Protection, the appointment of a DPO becomes mandatory for all businesses, regardless of the type of personal data being processed. Specifically, businesses will be required to appoint either an internal DPO with sufficient expertise or outsource the function to a qualified individual or organization (external DPO).
💡What should your business do today?
- Review the categories of personal data your organization is currently processing.
- Assess whether the data is considered “sensitive” (under Decree 13) or falls under the expanded scope (in the draft Law).
- Develop a plan to appoint an internal or external DPO based on your organization’s specific needs.
👉 Contact PrivacyCompliance for guidance on appointing your DPO!
PDPL QUEST 01: ARE YOU PREPARED TO DELETE EMPLOYEE’S PERSONAL DATA?
ARE YOU PREPARED TO DELETE EMPLOYEE’S PERSONAL DATA? Under Article 25 of Vietnam’s Personal Data Protection Law 2025, employers are required to delete or destroy employees’ personal data once the employment contract ends, unless otherwise agreed or legally required to retain it. ➡️ To continue processing personal data post-employment (e.g. for legal or compliance […]
Learn more
OFFICIALLY ISSUE THE LAW ON PERSONAL DATA PROTECTION
OFFICIALLY ISSUE THE LAW ON PERSONAL DATA PROTECTION Source: Hoàng Ngọc – People’s Deputies Online On the morning of June 26, under the chairmanship of Vice President of the National Assembly, Senior Lieutenant General Trần Quang Phương, the National Assembly voted to pass the Law on Personal Data Protection with 433 out of 435 deputies […]
Learn more
IN-HOUSE DPO VS. OUTSOURCED DPO – WHICH SOLUTION SAVES COSTS AND ENSURES COMPLIANCE?
💥 IN-HOUSE DPO VS. OUTSOURCED DPO – WHICH SOLUTION SAVES COSTS AND ENSURES COMPLIANCE? 🔒 Decree No. 13/2023 and the Draft Law on Personal Data Protection require all businesses to appoint a Data Protection Officer (DPO). The draft law explicitly gives businesses the right to choose between appointing an internal DPO or engaging […]
Learn more