Securiti leads GigaOm's DSPM Vendor Evaluation with top ratings across technical capabilities & business value.

View
Contact Us See a demo

Vietnam’s Law on Information Technology (No. 67/2006/QH11)

Operationalize compliance with the most comprehensive PrivacyOps platform

Last Updated on November 8, 2023

Schedule Your
Personal Demo

Learn how you can leverage Securiti’s Data Command Center to address data security, privacy, governance, and compliance.

See a demo
Schedule your demo today

Vietnam’s Law on Information Technology No. 67/2006/QH11 (“IT Law”) was enacted in 2006. The law aims to regulate IT use, development, and management in Vietnam. The law comprises six chapters and 79 articles covering various aspects of IT, including electronic transactions, data protection, intellectual property rights, and cybercrime.

The law applies to all activities related to developing, managing, and using IT within Vietnam, including hardware, software, networks, and services.

The law is based on several principles, including encouraging the development and use of a legal IT framework to promote economic and social development in all sectors of society, including government, business, culture, defense, and education; ensuring the security, safety, and confidentiality of, communications, IT systems, and networks; protecting intellectual property rights and the interests and rights of individuals and organizations using IT; preventing and combating cybercrime; developing a skilled workforce in the field of IT; and promoting international cooperation and exchange in the field of IT.

The law also deals with intellectual property rights related to IT, including copyright, patents, and trademarks, and protects software, databases, and other digital content. The law also addresses cybersecurity, including provisions on network security, information security, and cybercrime prevention. It imposes criminal penalties for offenses such as hacking, spreading viruses, and using IT to commit fraud.

The Solution

Securiti enables organizations to comply with Vietnam’s Law on Information Technology No. 67/2006/QH11 through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.

Securiti supports enterprises in their journey toward compliance with Vietnam’s Law on Information Technology No. 67/2006/QH11 through automation, enhanced data visibility, and identity linking.

Vietnam Law On Information Technology

Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.

Secure Fulfillment of Data Subjects' Rights Requests

Articles: 22(1) + 8(1)(b) + 21(2)(d) + 22(1)

DSR automation allows organizations to enable data subjects to request inspection, access, updating, correction, or deletion of their personal information. Securiti’s Data Subject Access Requests automation enables organizations to create customized data subject rights request forms embedded in websites, verify identities, and aggregate requests into a fulfillment automation workbench.

data access request
Data Mapping

Data Mapping

Articles: 15 + 21(2)(b)

Allows organizations and individuals to properly manage and use the collected personal information and store it only for a specified time with the help of Securiti’s Data Mapping automation. It harnesses data discovery to keep asset and processing records up-to-date, initiate privacy impact assessments (PIAs), generate a record of processing activities (RoPA) reports, and assess risk associated with their data life cycle.

Universal Consent Management

Article: 70

Allows individuals and organizations to capture consent from data subjects when sending them advertisement information and securely fulfill consent refusal if data subjects do not want to receive such information.

Universal Consent Management
Cookie Consent Management

Monitor and Track Consent

Articles: 70 + 8(1)(d) + 21(1)

Automates secure capturing of consent for organizations and individuals who collect, process and use personal information in the network environment. Securiti's Consent Management Platform enables organizations to obtain end-users' consent for data access, retrieval, and advertising purposes.

Manage Vendor Risk

Article: 31

Vendor management allows organizations to evaluate vendors and the security measures taken by the vendor. Track, manage, and monitor vendors' privacy and security readiness from a single interface. Collaborate instantly, automate data requests and deletions, and manage all vendor contracts and compliance documents.

vendor risk management
Data Security Controls

Enable Appropriate Security Controls

Articles: 18(3)(d) + 21(2)(c) + 60 + 72(1)

Data Security Posture Management enables you to create security posture policies as per the requirements of the applicable law and remediate security settings of data resources, eventually helping you comply with data security requirements of the law and implement appropriate security controls.

Facts About Vietnam’s Law on Information Technology No. 67/2006/QH11

1

The law was enacted on June 29, 2006, and took effect on January 1, 2007.

2

The law requires organizations to obtain consent from individuals before collecting, using, or disclosing their personal information.

3

The law protects intellectual property rights related to IT, including software, databases, and other digital content.

4

The law requires the state to promote and facilitate the participation of disabled individuals in IT development and application, helping them enhance their work capacity through IT. It encourages the adoption of preferential policies to encourage their participation in IT-related education and training programs.

5

The law requires the government to establish a national information infrastructure to facilitate the development of IT in Vietnam.

6

Any violation of IT Law may lead individuals to face disciplinary, administrative, or penal action, and may be required to pay damages in accordance with the laws of Vietnam. If the organizations commit violations, then such organizations can face administrative sanctions, and suspension of operations, and may also be required to pay damages in accordance with the laws of Vietnam.

7

Disputes related to the registration and use of national domain names that end with ".vn" will be resolved through negotiation or conciliation. If these methods fail, parties may pursue arbitration. Finally, if arbitration does not result in a resolution, parties may initiate lawsuits in court.

IDC MarketScape

Securiti named a Leader in the IDC MarketScape for Data Privacy Compliance Software

Read the Report
Please enter a minimum of 3 characters to begin your search.
Videos
View More
January 20, 2025
Mitigating OWASP Top 10 for LLM Applications 2025
Generative AI (GenAI) has transformed how enterprises operate, scale, and grow. There’s an AI application for every purpose, from increasing employee productivity to streamlining...
View More
January 15, 2025
Top 6 DSPM Use Cases
With the advent of Generative AI (GenAI), data has become more dynamic. New data is generated faster than ever, transmitted to various systems, applications,...
View More
January 2, 2025
Colorado Privacy Act (CPA)
What is the Colorado Privacy Act? The CPA is a comprehensive privacy law signed on July 7, 2021. It established new standards for personal...
View More
December 24, 2024
Securiti for Copilot in SaaS
Accelerate Copilot Adoption Securely & Confidently Organizations are eager to adopt Microsoft 365 Copilot for increased productivity and efficiency. However, security concerns like data...
View More
November 1, 2024
Top 10 Considerations for Safely Using Unstructured Data with GenAI
A staggering 90% of an organization's data is unstructured. This data is rapidly being used to fuel GenAI applications like chatbots and AI search....
View More
October 29, 2024
Gencore AI: Building Safe, Enterprise-grade AI Systems in Minutes
As enterprises adopt generative AI, data and AI teams face numerous hurdles: securely connecting unstructured and structured data sources, maintaining proper controls and governance,...
View More
August 12, 2024
Navigating CPRA: Key Insights for Businesses
What is CPRA? The California Privacy Rights Act (CPRA) is California's state legislation aimed at protecting residents' digital privacy. It became effective on January...
View More
June 3, 2024
Navigating the Shift: Transitioning to PCI DSS v4.0
What is PCI DSS? PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards to ensure safe processing, storage, and...
View More
January 29, 2024
Securing Data+AI : Playbook for Trust, Risk, and Security Management (TRiSM)
AI's growing security risks have 48% of global CISOs alarmed. Join this keynote to learn about a practical playbook for enabling AI Trust, Risk,...
AWS Startup Showcase Cybersecurity Governance With Generative AI View More
October 17, 2023
AWS Startup Showcase Cybersecurity Governance With Generative AI
Balancing Innovation and Governance with Generative AI Generative AI has the potential to disrupt all aspects of business, with powerful new capabilities. However, with...

Spotlight Talks

Spotlight 11:29
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Watch Now View
Spotlight 11:18
Rewiring Real Estate Finance — How Walker & Dunlop Is Giving Its $135B Portfolio a Data-First Refresh
Watch Now View
Spotlight 13:38
Accelerating Miracles — How Sanofi is Embedding AI to Significantly Reduce Drug Development Timelines
Sanofi Thumbnail
Watch Now View
Spotlight 10:35
There’s Been a Material Shift in the Data Center of Gravity
Watch Now View
Spotlight 14:21
AI Governance Is Much More than Technology Risk Mitigation
AI Governance Is Much More than Technology Risk Mitigation
Watch Now View
Spotlight 12:!3
You Can’t Build Pipelines, Warehouses, or AI Platforms Without Business Knowledge
Watch Now View
Spotlight 47:42
Cybersecurity – Where Leaders are Buying, Building, and Partnering
Rehan Jalil
Watch Now View
Spotlight 27:29
Building Safe AI with Databricks and Gencore
Rehan Jalil
Watch Now View
Spotlight 46:02
Building Safe Enterprise AI: A Practical Roadmap
Watch Now View
Spotlight 13:32
Ensuring Solid Governance Is Like Squeezing Jello
Watch Now View
Latest
Navigating the Data Minefield: Essential Executive Recommendations for M&A and Divestitures View More
July 14, 2025
Navigating the Data Minefield: Essential Executive Recommendations for M&A and Divestitures
The U.S. M&A landscape is back in full swing. May witnessed a significant rebound in deal activity, especially for transactions exceeding $100 million, signaling...
Simplifying Global Direct Marketing Compliance with Securiti’s Rules Matrix View More
July 6, 2025
Simplifying Global Direct Marketing Compliance with Securiti’s Rules Matrix
The Challenge of Navigating Global Data Privacy Laws In today’s privacy-first world, navigating data protection laws and direct marketing compliance requirements is no easy...
What to Know About Quebec’s Act Respecting Health and Social Services Information (AHSSS) View More
July 15, 2025
What to Know About Quebec’s Act Respecting Health and Social Services Information (AHSSS)
Learn more about Quebec's AHSSS, including its obligations on healthcare providers, researchers, and technology providers, with Securiti's latest blog.
View More
July 15, 2025
What is Automated Decision-Making Under CPRA Proposed ADMT Regulations
Learn more about automated decision-making (ADM) under California's CPRA, its regulatory approach to the technology, and how to ensure compliance.
View More
July 15, 2025
Is Your Business Ready for the EU AI Act August 2025 Deadline?
Download the whitepaper to learn where your business is ready for the EU AI Act. Discover who is impacted, prepare for compliance, and learn...
View More
July 13, 2025
Getting Ready for the EU AI Act: What You Should Know For Effective Compliance
Securiti's whitepaper provides a detailed overview of the three-phased approach to AI Act compliance, making it essential reading for businesses operating with AI.
View More
July 15, 2025
Enabling Safe Use of Data with Amazon Q
Learn how robust DSPM can help secure Amazon Q data access, automate sensitive data tagging, eliminate ROT data, and maximize AI productivity safely.
Singapore’s PDPA & Consent: Clear Guidelines for Enterprise Leaders View More
July 7, 2025
Singapore’s PDPA & Consent: Clear Guidelines for Enterprise Leaders
Download the essential infographic for enterprise leaders: A clear, actionable guide to Singapore’s PDPA and consent requirements. Stay compliant and protect your business.
Gencore AI and Amazon Bedrock View More
January 7, 2025
Building Enterprise-Grade AI with Gencore AI and Amazon Bedrock
Learn how to build secure enterprise AI copilots with Amazon Bedrock models, protect AI interactions with LLM Firewalls, and apply OWASP Top 10 LLM...
DSPM Vendor Due Diligence View More
November 18, 2024
DSPM Vendor Due Diligence
DSPM’s Buyer Guide ebook is designed to help CISOs and their teams ask the right questions and consider the right capabilities when looking for...
What's
New