The conference “Data Security in Cyberspace” with the theme “Management and Exploitation of Customer Data – Compliance with Decree 13” organized by the National Cyber Security Association took place. This is an opportunity for state management agencies, organizations, businesses, and experts in the field of data security to exchange views, practices, and solutions to find solutions, towards effective, sustainable management and exploitation of personal data in accordance with the law in general and Decree No. 13/2023/ND-CP on personal data protection in particular.
SmartNet also participated in the event “Data Security in Cyberspace” with the desire to listen, understand and join hands to solve the difficulties of agencies, organizations and businesses to “Manage and exploit customer data – Comply with Decree 13”
Speaking at the opening of the event, Lieutenant Colonel Trieu Manh Tung, Deputy Director of the Department of Cyber Security and High-Tech Crime Prevention, Ministry of Public Security, Head of the Inspection Board of the National Cyber Security Association, stated that data has become an important key in the way people operate the world today and opens the door to future connections. In an era where human life is in harmony with integrated technology, connecting digital – physical – biological spaces, data is continuously created and stored by humans in cyberspace, becoming a valuable input material, the core foundation for implementing the fourth industrial revolution.
 |
|
Lieutenant Colonel Trieu Manh Tung, Deputy Director of the Department of Cyber Security and High-Tech Crime Prevention, Ministry of Public Security, Head of the Inspection Board of the National Cyber Security Association |
According to Lieutenant Colonel Trieu Manh Tung, the biggest question we need to answer in the context of data being essential and indispensable is how to avoid having to make trade-offs between exploiting and using data and protecting data security, safety and privacy? To solve the above problem, in one morning, more than 200 delegates from state management agencies, organizations, businesses, experts in the fields of law, information technology, security, data security… listened to 05 speeches and shares from representatives of the Research Board, Policy and Law Consulting of the National Cyber Security Association on the results of 01 year of implementing Decree No. 13/2023/ND-CP on personal data protection; Business representatives in the banking and information technology sectors shared difficulties and obstacles in the process of complying with the Decree, and proposed some necessary solutions to manage, exploit and protect personal data.
It can be seen that the activities of collecting, exploiting, analyzing and processing personal data are associated with almost the entire process of operation, production and business of enterprises. Therefore, many enterprises are still confused and have not implemented synchronous changes and solutions to comply with the provisions of Decree 13. Some difficulties specific to the field, business line, and scale of data processing activities also need to be guided and resolved by specialized agencies. Compliance with Decree 13 also needs to be concerned with both legal and technological aspects, aiming for comprehensive compliance and a mechanism to control that compliance.
In response to the above issues, the event had a practical and effective discussion, creating a connection channel between legislators, legal consultants and agencies and businesses to remove difficulties and obstacles to increase the level of compliance with the law on personal data protection. From the perspective of advising on the promulgation of Decree 13 and guiding businesses in implementing it in practice, representatives of the Research and Policy and Legal Consulting Board of the National Cyber Security Association shared about the purpose, significance and core issues that businesses need to pay attention to in accordance with the provisions of Decree 13.
Before Decree No. 13/2023/ND-CP (Decree 13) was issued, the work of protecting personal data and work related to the rights of subjects was almost neglected, or was enforced but very limited. This led to a situation where fraud crimes were rampant.
Decree 13 takes effect from July 1, 2023, and has been in effect for exactly one year. Decree 13 is the first document in Vietnam that stipulates 11 rights of data subjects. The task of businesses is to concretize these 11 rights through their own policies and procedures to meet the requirements, from the collection stage to the analysis, processing and deletion of data.
 |
|
11 rights of data subjects, as stipulated in Decree 13 of 2022 of the Government. Photo: NCA |
According to Major Dao Duc Trieu, the process of complying with Decree 13 goes through 4 steps: Step one, propaganda, dissemination, review of regulations on personal data protection. Step two, evaluation of business processes and policies. Step three, designation of personal data protection department; Application of personal data protection measures: technical, professional. And step four, implementation of administrative procedures on personal data protection; Overall implementation of personal data protection solutions.
SmartNet always accompanies customers on the journey of “Managing and exploiting customer data – Complying with Decree 13”. SmartNet has a number of solutions serving Decree 13 that are well received in the market such as:
– Fortra Digital Guardian: data classification, data loss prevention (Endpoint/Network/Email/Cloud DLP).
– Cososys Endpoint Protector: Data loss prevention (Endpoint DLP).
– DataSunrise: Protect and control data access (Database firewall, database vulnerability management)
– Certus: Permanent Erasure
SmartNet distributes, sells, and deploys advanced information security solutions for corporations, large companies, government organizations, and especially the banking and finance sector. The company is currently a distributor of more than 10 famous security companies from the US and Europe such as Fortra, Qualys, Sonarqube, Upguard, Nextron-systems, DataSunrise, MiniOrange, Commvault, Veramine, AppSealing, MiniOrange, Infoblox. The company also provides deployment services, technical support, training and operation of the solutions provided by the company, testing information security, ensuring that the solutions bring high efficiency and benefits, while optimizing human resources for customers.
Contact us for advice, quotes and technical support: contact@smartnet.net.vn