Here is the English translation of your content, localized for clarity and professional tone:
π WHICH BUSINESSES ARE REQUIRED TO APPOINT A DATA PROTECTION OFFICER (DPO)?
π Under Decree No. 13/2023/NΔ-CP, any organization that processes sensitive personal dataβsuch as health information, biometric data, financial data, religious beliefs, etc.βis required to appoint a Data Protection Officer (DPO) as a mandatory safeguard for handling such data.
Examples: fintech companies, hospitals, or businesses that process employee health records (a type of sensitive data) must all appoint a DPO.
π According to the draft Law on Personal Data Protection, the appointment of a DPO becomes mandatory for all businesses, regardless of the type of personal data being processed. Specifically, businesses will be required to appoint either an internal DPO with sufficient expertise or outsource the function to a qualified individual or organization (external DPO).
π‘What should your business do today?
- Review the categories of personal data your organization is currently processing.
- Assess whether the data is considered βsensitiveβ (under Decree 13) or falls under the expanded scope (in the draft Law).
- Develop a plan to appoint an internal or external DPO based on your organizationβs specific needs.
π Contact PrivacyCompliance for guidance on appointing your DPO!
Legal Update | Guidance on Submitting Soft Copies of Personal Data Protection Impact Assessment Dossiers
Recently, the Department for Receiving and Returning Administrative Procedure Results on Personal Data Protection issued guidance on the submission of soft copies of the Personal Data Processing Impact Assessment Dossier and/or the Cross-border Personal Data Transfer Impact Assessment Dossier. Under the guidance, organizations and enterprises are required to submit the dossier in a .ZIP compressed […]
Learn more
Draft Decree on Data Exchanges: Proposed Legal Framework for Data Transactions in Vietnam
Draft Decree on Data Exchanges: Proposed Legal Framework for Data Transactions in Vietnam The draft Decree on data exchange operations is currently open for consultation and proposes a framework for organizing, operating, and governing data transactions in Vietnam in a more transparent, controlled, and secure manner. A notable feature of the draft is the proposed […]
Learn more
REDDIT FINED Β£14.47 MILLION FOR CHILDRENβS PRIVACY FAILURES β A LANDMARK UK ENFORCEMENT ACTION
π π₯πππππ§ πππ‘ππ Β£14.47 π πππππ’π‘ ππ’π₯ ππππππ₯ππ‘βπ¦ π£π₯ππ©πππ¬ πππππ¨π₯ππ¦ β π πππ‘ππ ππ₯π π¨π ππ‘ππ’π₯πππ ππ‘π§ πππ§ππ’π‘ Recently, the Information Commissioner’s Office (ICO) imposed a fine of approximately Β£14.47 million (~USD 19.5 million) on Reddit for processing the personal data of users under 13 without implementing appropriate age verification measures. This is reported to be the largest […]
Learn more