Securiti leads GigaOm's DSPM Vendor Evaluation with top ratings across technical capabilities & business value.

View

Vietnam’s Law on Cyberinformation Security, Law No. 86/2015/QH13

Operationalize compliance with the most comprehensive PrivacyOps platform

Last Updated on November 8, 2023

Schedule Your
Personal Demo

Learn how you can leverage Securiti’s Data Command Center to address data security, privacy, governance, and compliance.

See a demo
Schedule your demo today

Vietnam’s Law on Cyberinformation Security, Law No. 86/2015/QH13, was enacted in 2015. The law applies to all activities related to the protection of national security and information security in cyberspace within Vietnam. The law consists of seven chapters and 58 articles covering various aspects of cybersecurity, including the protection of critical information infrastructure, data protection, and the prevention of cybercrime.

The law deals with network information security activities, rights, and responsibilities of individuals, organizations, and agencies in securing network information. It covers civil cryptography, technical standards, and norms for network information security, information security business, human development for network information security, and state management of network information security.

The law also focuses on data protection and privacy, imposing obligations on organizations to ensure the security and confidentiality of personal information and other data. It also imposes penalties for cybercrime offenses, including hacking, spreading malware, and cyberterrorism.

The law establishes the legal framework for information security management, requiring organizations to establish information security policies and procedures and to implement measures to protect their information systems and networks. The law also deals with international cooperation and exchange in the field of cybersecurity, promoting cooperation among countries to prevent and combat cyber threats.


The Solution

Securiti enables organizations to comply with Vietnam’s Law on Cyberinformation Security, Law No. 86/2015/QH13, through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.

Securiti supports enterprises in their journey toward compliance with Vietnam’s Law on Cyberinformation Security, Law No. 86/2015/QH13, through automation, enhanced data visibility, and identity linking.

Vietnam Law compliance Solution

Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.


Assess Personal Information Protection Act Readiness

Articles:16,  17

With the help of Securiti’s multi-regulation, collaborative, readiness, and privacy impact assessment system, you can measure your organization's posture against Law on Cyberinformation Security, Law No. 86/2015/QH13, identify the gaps and address the risks.

Vietnam Readiness Assessment Automation
Vietnam data access request

Secure Fulfillment of Data Subjects' Rights Requests

Articles: 17(3) + 18

DSR automation allows data subjects to request access, updating, alteration, or deletion of their personal information collected or stored by organizations and individuals handling their personal data. Securiti’s Data Subject Access Requests automation also enables organizations to create customized data subject rights request forms embedded in websites, verify identities, and aggregate requests into a fulfillment automation workbench.

Universal Consent Management

Article: 10(2)

Allows individuals and organizations to capture consent from data subjects when sending them commercial information and fulfills consent revocation when data subjects refuse to receive such information.

Vietnam Universal Consent Management
Vietnams Law Regulation Cookie Consent Compliance

Monitor and Track Consent

Article: 17(1)

Enables capturing consent for the collection of personal data, using it for a secondary purpose, and disclosure or sharing it with third parties and automating in a simplified and automatic manner. Securiti's Consent Management Platform enables organizations to obtain end-users' consent for data access, retrieval, and advertising purposes.

Data Mapping

Articles: 9 + 16 + 17

Allows organizations and individuals to classify information in possession by its sensitivity level, confidentiality and information security level. Securiti’s Data Mapping automation harnesses data discovery to keep asset and processing records up-to-date, initiate privacy impact assessments (PIAs), generate a record of processing activities (RoPA) reports, and assess risk associated with their data life cycle.

Vietnam Data Mapping
Vietnam breach response notification

Automate Data Breach Response Notifications

Article: 13

Automates response to network information security incidents in a timely, speedy, accurate and effective manner. Automate compliance actions and breach notifications to concerned stakeholders concerning security and data breach incidents by leveraging a knowledge database on security and data breach incident diagnosis and response. Issue timely notification of eligible data breaches to the regulatory authority, and individuals, the information that is to be provided to the individuals, and circumstances when notification is to be made to the public.

Enable Appropriate Security Controls

Articles: 10(3)(d) + 11 + 18(2)(b) + 19 + 24

Data Security Posture Management enables you to create security posture policies as per the requirements of the applicable law and remediate security settings of data resources. This eventually helps you determine the security level and accordingly implement relevant technical and operational measures to protect personal data in the system network and continuous monitoring for the detection and prevention of malware.

Vietnam Data Security Posture Management

Facts About Vietnam’s Law on Cyberinformation Security, Law No. 86/2015/QH13

1

The law was enacted by the National Assembly of Vietnam on November 19, 2015, and went into effect on July 1, 2016.

2

The law applies to all individuals, organizations, and agencies that use, manage, and operate in the cyberspace of Vietnam.

3

System owners are required to train managers and technicians in network information security. Security officers must be given appropriate working conditions and priority training in network information security skills.

4

Companies selling civil encryption products must obtain a business license for trading in cryptographic products or services listed and must meet the requirements set out in Article 31.

5

The law imposes obligations on Internet service-providing enterprises to take measures to manage, prevent, detect, and stop the spread of malware and handle it at the request of competent state agencies.

6

The law also establishes a cybersecurity monitoring and incident response system that is responsible for detecting, preventing, and handling cybersecurity incidents and attacks.

7

Violators of these regulations may face disciplinary, administrative, or penal action, and may be required to pay damages in accordance with the current laws of Vietnam.

IDC MarketScape

Securiti named a Leader in the IDC MarketScape for Data Privacy Compliance Software

Read the Report
Videos
View More
Mitigating OWASP Top 10 for LLM Applications 2025
Generative AI (GenAI) has transformed how enterprises operate, scale, and grow. There’s an AI application for every purpose, from increasing employee productivity to streamlining...
View More
Top 6 DSPM Use Cases
With the advent of Generative AI (GenAI), data has become more dynamic. New data is generated faster than ever, transmitted to various systems, applications,...
View More
Colorado Privacy Act (CPA)
What is the Colorado Privacy Act? The CPA is a comprehensive privacy law signed on July 7, 2021. It established new standards for personal...
View More
Securiti for Copilot in SaaS
Accelerate Copilot Adoption Securely & Confidently Organizations are eager to adopt Microsoft 365 Copilot for increased productivity and efficiency. However, security concerns like data...
View More
Top 10 Considerations for Safely Using Unstructured Data with GenAI
A staggering 90% of an organization's data is unstructured. This data is rapidly being used to fuel GenAI applications like chatbots and AI search....
View More
Gencore AI: Building Safe, Enterprise-grade AI Systems in Minutes
As enterprises adopt generative AI, data and AI teams face numerous hurdles: securely connecting unstructured and structured data sources, maintaining proper controls and governance,...
View More
Navigating CPRA: Key Insights for Businesses
What is CPRA? The California Privacy Rights Act (CPRA) is California's state legislation aimed at protecting residents' digital privacy. It became effective on January...
View More
Navigating the Shift: Transitioning to PCI DSS v4.0
What is PCI DSS? PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards to ensure safe processing, storage, and...
View More
Securing Data+AI : Playbook for Trust, Risk, and Security Management (TRiSM)
AI's growing security risks have 48% of global CISOs alarmed. Join this keynote to learn about a practical playbook for enabling AI Trust, Risk,...
AWS Startup Showcase Cybersecurity Governance With Generative AI View More
AWS Startup Showcase Cybersecurity Governance With Generative AI
Balancing Innovation and Governance with Generative AI Generative AI has the potential to disrupt all aspects of business, with powerful new capabilities. However, with...

Spotlight Talks

Spotlight 11:29
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Watch Now View
Spotlight 11:18
Rewiring Real Estate Finance — How Walker & Dunlop Is Giving Its $135B Portfolio a Data-First Refresh
Watch Now View
Spotlight 13:38
Accelerating Miracles — How Sanofi is Embedding AI to Significantly Reduce Drug Development Timelines
Sanofi Thumbnail
Watch Now View
Spotlight 10:35
There’s Been a Material Shift in the Data Center of Gravity
Watch Now View
Spotlight 14:21
AI Governance Is Much More than Technology Risk Mitigation
AI Governance Is Much More than Technology Risk Mitigation
Watch Now View
Spotlight 12:!3
You Can’t Build Pipelines, Warehouses, or AI Platforms Without Business Knowledge
Watch Now View
Spotlight 47:42
Cybersecurity – Where Leaders are Buying, Building, and Partnering
Rehan Jalil
Watch Now View
Spotlight 27:29
Building Safe AI with Databricks and Gencore
Rehan Jalil
Watch Now View
Spotlight 46:02
Building Safe Enterprise AI: A Practical Roadmap
Watch Now View
Spotlight 13:32
Ensuring Solid Governance Is Like Squeezing Jello
Watch Now View
Latest
View More
Databricks AI Summit (DAIS) 2025 Wrap Up
5 New Developments in Databricks and How Securiti Customers Benefit Concerns over the risk of leaking sensitive data are currently the number one blocker...
Inside Echoleak View More
Inside Echoleak
How Indirect Prompt Injections Exploit the AI Layer and How to Secure Your Data What is Echoleak? Echoleak (CVE-2025-32711) is a vulnerability discovered in...
What Is Data Risk Assessment and How to Perform it? View More
What Is Data Risk Assessment and How to Perform it?
Get insights into what is a data risk assessment, its importance and how organizations can conduct data risk assessments.
What is AI Security Posture Management (AI-SPM)? View More
What is AI Security Posture Management (AI-SPM)?
AI SPM stands for AI Security Posture Management. It represents a comprehensive approach to ensure the security and integrity of AI systems throughout the...
Beyond DLP: Guide to Modern Data Protection with DSPM View More
Beyond DLP: Guide to Modern Data Protection with DSPM
Learn why traditional data security tools fall short in the cloud and AI era. Learn how DSPM helps secure sensitive data and ensure compliance.
Mastering Cookie Consent: Global Compliance & Customer Trust View More
Mastering Cookie Consent: Global Compliance & Customer Trust
Discover how to master cookie consent with strategies for global compliance and building customer trust while aligning with key data privacy regulations.
View More
Key Amendments to Saudi Arabia PDPL Implementing Regulations
Download the infographic to gain insights into the key amendments to the Saudi Arabia PDPL Implementing Regulations. Learn about proposed changes and key takeaways...
Understanding Data Regulations in Australia’s Telecom Sector View More
Understanding Data Regulations in Australia’s Telecom Sector
Gain insights into the key data regulations in Australia’s telecommunication sector. Learn how Securiti helps ensure swift compliance.
Gencore AI and Amazon Bedrock View More
Building Enterprise-Grade AI with Gencore AI and Amazon Bedrock
Learn how to build secure enterprise AI copilots with Amazon Bedrock models, protect AI interactions with LLM Firewalls, and apply OWASP Top 10 LLM...
DSPM Vendor Due Diligence View More
DSPM Vendor Due Diligence
DSPM’s Buyer Guide ebook is designed to help CISOs and their teams ask the right questions and consider the right capabilities when looking for...
What's
New