"Vietnam is poised to pass a new decree that will bring the nation into line with its peers across APAC and internationally when it comes to personal data protection – and it’s providing a new impetus for businesses to look again at enhancing their data management."
As Vietnam prepares to move into the next phase of its Data Privacy legislation, Solidatus Head of APAC John Berven sat down with Asean Tech&Sec to discuss the upcoming implementation of PDPA (Personal Data Protection Act) and how ready businesses really are when it comes to their own data and compliance requirements.
Reflecting on a number of high-profile data security breaches in the recent years, John comments: "Large-scale breaches of personal data continued in 2020, with a devastating data leak affecting more than 80,000 customers, and possibly staff, at Vietnamese health technology firm, Innovative Solution for Healthcare (iSofH) (see report). It is also believed that an additional cyberattack removed an unknown number of records."
But with the new PDPA, these breaches should hopefully be a thing of the past. But how can businesses prepare to ensure they are compliant with the decree's storage and processing of personal data? And, more importantly, how can a tool like Solidatus enable organisations to map the flow of its data, allowing for full transparency on how it can be used?
Read John's insights on this new stage of data protection and privacy in Vietnam to find out more:
Solidatus for PDPA in APAC
By using Solidatus, an organisation gains invaluable insight into its data landscape. Our product enables users to visualise and analyse lineage showing what type of data they have and how it moves through their systems. It is impossible for senior management to be completely confident that the organisation is not inadvertently contravening some aspect of PDPA without this, leaving them open to enforcement and reputational risks.
Solidatus plays a vital role in PDPA by:
- mapping the flow of data within an organisation
- allowing for full transparency on how it is used and by whom
- laying the groundwork should regulators ever ask a business to prove their compliance
Solidatus helps to build a digital dashboard which shows managers how personal data is being used and where it is stored. This provides a demonstrable compliance with cloud storage regulations, the Right to Access and Correction, in addition to both Do Not Call (DNC) and National Registration Identification Card (NRIC) legislation by understanding the flow and location of data.
Organisations need a tool to help them identify required consent and ensure that the use of personal data within their firm is, purposeful, appropriate and reasonable. Solidatus provides these essential elements to comply with PDPA.