IDC Names Securiti a Worldwide Leader in Data Privacy


Vietnam’s Law on Information Technology (No. 67/2006/QH11)

Operationalize compliance with the most comprehensive PrivacyOps platform

Last Updated on November 7, 2023

Privacy Center
Fully Functional In Minutes

Elegant Consumer Frontend, Fully Automated Backend, Privacy Regulation Intelligent Everywhere.


Vietnam’s Law on Information Technology No. 67/2006/QH11 (“IT Law”) was enacted in 2006. The law aims to regulate IT use, development, and management in Vietnam. The law comprises six chapters and 79 articles covering various aspects of IT, including electronic transactions, data protection, intellectual property rights, and cybercrime.

The law applies to all activities related to developing, managing, and using IT within Vietnam, including hardware, software, networks, and services.

The law is based on several principles, including encouraging the development and use of a legal IT framework to promote economic and social development in all sectors of society, including government, business, culture, defense, and education; ensuring the security, safety, and confidentiality of, communications, IT systems, and networks; protecting intellectual property rights and the interests and rights of individuals and organizations using IT; preventing and combating cybercrime; developing a skilled workforce in the field of IT; and promoting international cooperation and exchange in the field of IT.

The law also deals with intellectual property rights related to IT, including copyright, patents, and trademarks, and protects software, databases, and other digital content. The law also addresses cybersecurity, including provisions on network security, information security, and cybercrime prevention. It imposes criminal penalties for offenses such as hacking, spreading viruses, and using IT to commit fraud.

The Solution

Securiti enables organizations to comply with Vietnam’s Law on Information Technology No. 67/2006/QH11 through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.

Securiti supports enterprises in their journey toward compliance with Vietnam’s Law on Information Technology No. 67/2006/QH11 through automation, enhanced data visibility, and identity linking.

Vietnam Law On Information Technology Regulation Solution

Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.

Secure Fulfillment of Data Subjects' Rights Requests

Articles: 22(1) + 8(1)(b) + 21(2)(d) + 22(1)

DSR automation allows organizations to enable data subjects to request inspection, access, updating, correction, or deletion of their personal information. Securiti’s Data Subject Access Requests automation enables organizations to create customized data subject rights request forms embedded in websites, verify identities, and aggregate requests into a fulfillment automation workbench.

data access request
Data Mapping Technology

Data Mapping

Articles: 15 + 21(2)(b)

Allows organizations and individuals to properly manage and use the collected personal information and store it only for a specified time with the help of Securiti’s Data Mapping automation. It harnesses data discovery to keep asset and processing records up-to-date, initiate privacy impact assessments (PIAs), generate a record of processing activities (RoPA) reports, and assess risk associated with their data life cycle.

Universal Consent Management

Article: 70

Allows individuals and organizations to capture consent from data subjects when sending them advertisement information and securely fulfill consent refusal if data subjects do not want to receive such information.

Universal Consent Management
Cookie Consent Management Dashboard

Monitor and Track Consent

Articles: 70 + 8(1)(d) + 21(1)

Automates secure capturing of consent for organizations and individuals who collect, process and use personal information in the network environment. Securiti's Consent Management Platform enables organizations to obtain end-users' consent for data access, retrieval, and advertising purposes.

Manage Vendor Risk

Article: 31

Vendor management allows organizations to evaluate vendors and the security measures taken by the vendor. Track, manage, and monitor vendors' privacy and security readiness from a single interface. Collaborate instantly, automate data requests and deletions, and manage all vendor contracts and compliance documents.

vendor risk managements
Data Security Controls

Enable Appropriate Security Controls

Articles: 18(3)(d) + 21(2)(c) + 60 + 72(1)

Data Security Posture Management enables you to create security posture policies as per the requirements of the applicable law and remediate security settings of data resources, eventually helping you comply with data security requirements of the law and implement appropriate security controls.

Facts About Vietnam’s Law on Information Technology No. 67/2006/QH11


The law was enacted on June 29, 2006, and took effect on January 1, 2007.


The law requires organizations to obtain consent from individuals before collecting, using, or disclosing their personal information.


The law protects intellectual property rights related to IT, including software, databases, and other digital content.


The law requires the state to promote and facilitate the participation of disabled individuals in IT development and application, helping them enhance their work capacity through IT. It encourages the adoption of preferential policies to encourage their participation in IT-related education and training programs.


The law requires the government to establish a national information infrastructure to facilitate the development of IT in Vietnam.


Any violation of IT Law may lead individuals to face disciplinary, administrative, or penal action, and may be required to pay damages in accordance with the laws of Vietnam. If the organizations commit violations, then such organizations can face administrative sanctions, and suspension of operations, and may also be required to pay damages in accordance with the laws of Vietnam.


Disputes related to the registration and use of national domain names that end with ".vn" will be resolved through negotiation or conciliation. If these methods fail, parties may pursue arbitration. Finally, if arbitration does not result in a resolution, parties may initiate lawsuits in court.

Forrester Names Securiti a Leader in the Privacy Management Wave Q4, 2021

Read the Report
Forrester Wave

Securiti named a Leader in the IDC MarketScape for Data Privacy Compliance Software

Read the Report
IDC MarketScape

At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.


Gartner Cool Vendor Award Forrester Badge IAPP Innovation award 2020 IDC Worldwide Leader RSAC Leader CBInsights Forbes Security Forbes Machine Learning G2 Users Most Likely To Recommend