From 1 July 2023, Decree 13/2023/ND-CP (“Decree 13”) on personal data protection becomes effective, leading to enterprises’ responsibilities for issuing and updating their internal documents to comply with obligations to protect personal data of employees stated in this Decree 13.
Key highlights are noted as below:
- Personal information of employees is data which must be protected
- General responsibilities of enterprises for employees’ personal data
- What are must-do actions for enterprises to fulfil obligations related to employees’ personal data ascribed by Decree 13?
Decree 13 is a pivotal legal corridor for personal data protection; nevertheless, it is observed that several provisions of such Decree are quite vague, leading to the necessity of further guidance from the authorities in the coming time. Notwithstanding, following the effectiveness of Decree 13, the enterprises still need to conduct some certain tasks as mentioned above to ensure the compliance therewith.
For any concerns relating to regulations of Decree 13 or the compliance therewith, please do not hesitate to contact Mazars for assistance.
Download the full documents in below.