Vietnam: Law on Personal Data Protection including cybersecurity regulation enters into force

Law on Personal Data Protection including cybersecurity regulation enters into force

On 1 January 2026, the Law on Personal Data Protection enters into force. The Law requires organisations to implement suitable technical and organisational measures to safeguard personal data against unauthorised access, disclosure or misuse (Articl…

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

cross-cutting

Implementation Level

national

Government Branch

executive

Government Body

central government

Complete timeline of this policy change

Hide details

2024-09-24

in consultation

On 24 September 2024, the Ministry of Public Security opened a consultation on the Draft Law on Per…

2024-11-24

processing consultation

On 24 November 2024, the Ministry of Public Security closed the public consultation on the Draft La…

2025-05-05

under deliberation

On 5 May 2025, the Law on Personal Data Protection was introduced to the National Assembly of Vietn…

2025-06-26

adopted

On 26 June 2025, the Law on Personal Data Protection was adopted by the National Assembly of Vietna…

2026-01-01

in force

On 1 January 2026, the Law on Personal Data Protection enters into force. The Law requires organisa…

Description

Law on Personal Data Protection including cybersecurity regulation enters into force

Scope

Complete timeline of this policy change