Employee Data Privacy

Vietnam - Fines and Penalties

 Download as a PDF

What are the penalties for noncompliance with any applicable data protection laws?


Noncompliance with data privacy laws and data breaches may lead to sanctions, fines, and penalties. The amounts are usually calculated according to the risk to which personal rights were exposed and the preventive measures taken by the data controllers, processors and sub-processors in relation to their respective role in the chain of personal data processing.

Noncompliance with applicable data protection regulations by an entity who collects or processes personal information in a network environment (ex., storing an electronic record past the retention period consented to by an employee) may receive an administrative fine up to approximately $850 USD.

Under the Criminal Code (No. 100/2015/QH13, Art. 288) (as amended) individuals who trade/exchange/give/change/publish the lawfully private information of an individual or organization in a computer or telecommunications network without consent can be subject to up to 7 years imprisonment and a fine up to approximately $8,500 USD. This individual can also be prohibited from holding certain roles or jobs for up to five years.


HR Best Practices: Before processing personal data, make sure to be in line the security measures necessary to ensure data security within your organization. Furthermore, ensure all data processors have cyber information security incident response plans in place.


UKG's HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where UKG's customers have employees. HR Compliance Assist is a service exclusively available to UKG customers.

Share Your Feedback

Let's Talk