Chương II Nghị định 47/2020/NĐ-CP: Quản lý dữ liệu, cơ sở dữ liệu, quản trị dữ liệu trong cơ quan nhà nước và bảo đảm khả năng sẵn sàng kết nối, chia sẻ dữ liệu

Chapter II

DATA AND DATABASE MANAGEMENT AND DATA ADMINISTRATION IN REGULATORY AGENCIES AND ENSURING AVAILABLE CONNECTION AND DATA SHARE

Section 1. DATA AND DATABASE MANAGEMENT IN REGULATORY AGENCIES

Article 9. Rules of data and database management in regulatory agencies

1. Data in regulatory agencies shall be organized in a joint fashion and assigned for management according to their management responsibilities. Internal data and database of agencies and entities must be organized and stored in a manner that facilitates sharing for other agencies and entities.

2. Creation of data in database in regulatory agencies must use common schedule data in accordance with master data publicized by competent regulatory agencies.

3. Regulatory agencies shall not request individuals and organizations to provide again the data which is under management by the agencies or data which can be shared by other regulatory agencies, except for cases of requesting information serving update or data verification.

Article 10. Data and database organization and management

1. Contents of data organization and management:

a) Collect and organize data to create databases;

b) Manage, maintain, update data and manage data change;

c) Share data and manage shared data;

d) Utilize and use data under their management and utilization, use data shared by other regulatory agencies.

2. Regulatory agencies are responsible for implementing data organization and management as specified in Clause 1 of this Article and complying with regulations and law.

Article 11. Database in regulatory agencies

1. Database in regulatory agencies includes:

a) National database;

b) Databases of ministries, sectors and local government including: shared database of ministries; shared databases of sectors; shared databases of local governments;

c) Other databases in any information system of regulatory agencies not specified in Point a and Point b of this Clause;

2. Ministry of Information and Communications shall take charge and cooperate with relevant agencies in developing and proposing the Government with list of national databases.

3. Entities specialized in information technology of ministries, ministerial agencies, Governmental agencies, provinces and central-affiliated cities shall take charge and cooperate with relevant entities in developing and proposing ministers, heads of ministerial agencies, Governmental agencies, Chairpersons of People’s Committees of provinces and central-affiliated cities with lists of databases under management of ministries, sectors and local governments.

4. Lists of databases of ministries, sectors and local governments must include following information:

a) Name of databases;

b) Aim, scope and contents of each database;

c) Methods of collecting and updating data, data sources of each database;

d) Classify lists of databases including: open data; data shared in default method, data shared on a case-by-case basis for each database that suit each user.

5. Databases on populations, land and enterprises are fundamental databases developing e-government.

Article 12. List of national database and maintenance of national database

1. In case of adding, revising or removing national databases from lists of national databases, agencies that preside the databases shall submit request together with explanation for the request to Ministry of Information and Communications and propose the Government for consideration and decision on revising list of national databases.

2. In case of requesting to add databases to the list of national databases, agencies submitting the request shall send explanation to Ministry of Information and Communications which includes following basic information:

a) Name of national databases;

b) Purposes of developing national databases;

c) Scope of data in national databases; information on master data of national databases for storage and share;

d) Subjects and purposes of use and utilizations;

dd) Information sources which will be developed and updated in national databases;

e) Methods of sharing data from national databases.

3. National databases added to the list must satisfy following requirements:

a) Data must have legal value equivalent to physical documents containing information provided by competent agencies;

b) Containing master data of the Government which will be used as a basis for databases of ministries, sectors and local governments to refer to and synchronize;

c) Data shall be shared and used for many ministries, sectors and local governments to handle administrative procedures and administrative reform, simplify administrative procedures for people and enterprises;

4. List of national databases must be updated according to demands of information technology of each development phase of e-Government or at request of ministries, ministerial agencies, Governmental agencies and agencies of provinces and central-affiliated cities.

Article 13. National portal

1. Shall act as contact point of regulatory agencies providing open data on cyber environment to promote transparency in Government operation, creativity and socio-economic development.

2. Act as contact point providing technical support, monitoring connection and data share among information systems in regulatory agencies.

3. Regulatory agencies are responsible for monitoring, registering and providing information about data and open data; open data management; ability to share data and data utilization demands on the national portal.

4. Data sharing services management system shall be a part of the national portal.

5. Satisfy other requirements regarding data administration of regulatory agencies.

Section 2. DATA ADMINISTRATION, DATA SHARING AND UTILIZATION ADMINISTRATION

Article 14. Data administration and data sharing and utilization administration

1. Data administration and data sharing and utilization administration activities include

a) Develop data strategies, data and database development plans to ensure ability to connect, share and use data within regulatory agencies;

b) Develop legislative documents and policies on utilization and use of shared data of databases; regulations and standards on structure of exchanged data; technical documents on data exchange;

c) Organize, provide, utilize, share and use data serving operation of regulatory agencies and share data for organizations and individuals as per the law;

d) Cooperate, examine, monitor and handle complaints during connection and data sharing process;

dd) Examine, assess and maintain data; manage data quality;

e) Integrate data, analyze and consolidate data serving state management and develop long-term development strategies.

2. Ministries, ministerial agencies, Governmental agencies, People’s Committees of provinces and central-affiliated cities are responsible for organizing implementation and implementing regulations under Clause 1 of this Decree with respect to data under their management, and complying with regulations and law.

Article 15. Inspection, examination and supervision of connection and data share

1. Ministry of Information and Communications are responsible for inspecting and examining connection and data sharing activities within their competence; providing guidelines for inspecting and examining connection and data share in regulatory agencies.

2. Ministers, ministerial agencies and Governmental agencies are responsible for directing, inspecting and examining connection and data share within their management; Chairpersons of People’s Committees of provinces and central-affiliated cities are responsible for directing, inspecting and examining data management, connection and share in provinces.

Article 16. Data examination, assessment and maintenance    

1. Data must be examined, assessed and maintained on a year basis.

2. Contents of data examination and assessment include:

a) List all data contents;

b) Assess compliance with standards and regulations on data;

c) Assess data quality including: accuracy and intactness of data, unusual data;

d) Assess data maintenance, operation and update, data update and utilization record;

dd) Assess data share, users and sharing purposes according to regulations and policies on utilization and use of shared data;

e) Other contents according to instructions of competent agencies specialized in information technology suitable for each time period.

3. Assessment results must be made into physical documents and include necessary activities to maintain data (if any).

4. Agencies that preside database are responsible for organizing data self-assessment on a periodic basis and submitting reports to entities specialized in information technology of ministries, ministerial agencies, governmental agencies and agencies of provinces and central-affiliated cities before December 31 of each year.

5. Within their management, entities specialized in information technology of ministries, ministerial agencies, governmental agencies and agencies of provinces and central-affiliated cities are responsible for:

a) Instructing agencies presiding databases shall examine and assess their data;

b) Preparing programs and plans for examining and assessing data, presenting ministers, heads of ministerial agencies, governmental agencies and Chairpersons of People’s Committees of provinces and central affiliated agencies for approval and implementation of data assessment and examination programs and plans.

6. Entities presiding database are responsible for adopting measures to maintain data according to results of data examination and assessment.

Section 3. OPEN DATA OF REGULATORY AGENCIES

Article 17. Rules of providing open data of regulatory agencies

1. Provision of open data of regulatory agencies for organizations and individuals must satisfy following requirements:

a) Open data must be complete and fully contain data provided by regulatory agencies;

b) Provided open data must be the latest data;

c) Open data must be accessible from the cyber environment;

d) Open data must be sent, received, stored and processed digital devices;

dd) Organizations and individuals shall be able to freely access and use open data without declaring identification during utilization and use process;

e) Open data must be open format;

g) Open data shall be free to use;

h) Prioritize providing open data which people and enterprises have high demands for.

2. Ministers, heads of ministerial agencies and governmental agencies, Chairpersons of People’s Committees of provinces and central-affiliated cities are responsible for issuing list of open data of regulatory agencies, developing plans and publicizing open data of regulatory agencies within their management.

Article 18. Rules of using open data of regulatory agencies

1. Agencies, organizations and individuals may freely copy, share, exchange, use or integrate open data with other data; use open data in their commercial or non-commercial products and services.

2. Agencies, organizations and individuals must specify reference for any information extracted from open data used in their products and documents.

3. Open data of regulatory agencies shall be at its original state as when it is publicized which does not include methods of presentation and information arising from the provided open data.

4. Agencies, organizations and individuals must not sell open data extracted in its original form from regulatory agencies to other organizations and individuals. When using open data in commercial products and services, fully provide the open data along with said commercial products and services.

5. Regulatory agencies shall not be responsible for any loss or damage done to agencies, organizations and individuals due to using open data.

Article 19. Plans and implementation of open data of regulatory agencies

Within their management, ministerial agencies, governmental agencies, People’s Committees of provinces and central-affiliated cities are responsible for implementing following activities:

1. Developing and implementing plans regarding open data, including publicizing open data and minimum completion in each phase of the plans.

2. Determining methods of collecting and analyzing feedback of individuals and organizations regarding use of open data; allocating contact point to receive feedback of individuals and organizations regarding quality, usability, format and compliance with regulations and law on open data.

3. Adopting necessary preventive measures to maintain construction and publicizing open data directly related to protecting safety of humans and assets affected by open data implementation within their units.

4. Adopting measures to encourage organizations and individuals to use open data:

a) Receive feedback of organizations and individuals to determine order of priority and publicize open data according to demands;

b) Assist organizations and individuals in constructing and contributing to expand open data.

Article 20. Requirements in publicizing open data of regulatory agencies

1. Do not reveal personal information; assess and limit risks of exposing personal information when combining with other information.

2. Ensure safety and security when using open data including risks caused by the open data alone or the open data combining with other data.

3. List of data shall be examined and revised (if any) on a periodic basis, at least once every 6 months; data publicized under the list must be updated or revised (if any) within at least 3 months from the date on which the data is publicized.

4. Complying with relevant regulations and law.

Article 21. Methods of publicizing open data of regulatory agencies

1. Open data of regulatory agencies shall be provided via following methods:

a) Provide packed data and allow organizations and individuals to download;

b) Provide data via data sharing services.

2. Open data must be publicized on the national portal.

Section 4. ENSURING AVAILABLE CONNECTION AND DATA SHARE

Article 22. Rules for utilizing and using shared data

1. Connect, share and use data of regulatory agencies in a manner that complies with regulations on data utilization and use issued by presiding agencies. Regulations on data utilization and use shall be classified depending on topics or databases.

2. Regulations on data utilization and use must be publicized.

Article 23. Methods of sharing data

1. Methods of sharing data include:

a) Connect and share data on the internet between information systems of agencies providing data and agencies utilizing data;

b) Connect and share data on the internet by synchronizing the entire or part of data between databases of agencies providing data and agencies utilizing data;

c) Shared data shall be packed and stored on information storage devices.

2. Encourage application of methods of sharing data specified in Point a Clause 1 of this Article.

3. With respect to methods of sharing data specified in Points a and b Clause 1 of this Article, sharing data shall be determined continuously periodically or indefinitely from the date on which agencies providing data agree to share data following regulations on data utilization and use.

4. Agencies providing data must publicize methods of sharing and connection availability according to regulations under this Decree when publicizing data sharing services.

Article 24. Data sharing services

1. Connection, data provision and utilization between information systems must be conducted via data sharing services.

2. Agencies presiding databases are responsible for establishing and publicizing data sharing services and necessary technical documents serving access to data unde their management.

3. Information regarding data sharing services includes:

a) List of data sharing services and attached necessary technical specifications and documents;

b) Structure of exchanged data must comply with applicable technical regulations and standards;

c) Other necessary information regarding data sharing services which agencies providing data must provide for agencies utilizing data to facilitate access, connection and use of data sharing services.

Article 25. Publicizing information on data sharing services

1. Agencies providing data sharing services shall be responsible for uploading information regarding their data sharing services on data sharing services management systems within 1 working day from the date on which data sharing services are ready to connect and share data.

2. In case of changing or updating data sharing services, agencies providing data sharing services must immediately update information about data sharing services on the data sharing service management system upon any change or update.

3. Information regarding data sharing services must be fully uploaded, promptly and accurately updated.

4. Agencies providing data services are responsible for managing list of data sharing services, information and documents relating to their data sharing services; receiving and handling request, proposition and recommendation of agencies utilizing data regarding data sharing services publicized on the data sharing service management system.

5. Entities specialized in information technology of ministries, ministerial agencies and governmental agencies are responsible for assisting regulatory agencies within their competence in uploading, updating and managing information regarding data sharing services if necessary.

Article 26. Data sharing service management system

1. Data sharing service management system is an information system jointly managing lists of data sharing services of regulatory agencies developed and managed by Ministry of Information and Communications to enable regulatory agencies to utilize and use.

2. Roles and functions of the data sharing service management system:

a) Jointly manage information regarding national data sharing services;

b) Assist agencies providing data in declaring and updating information regarding data sharing services;

c) Assist regulatory agencies in searching, accessing and utilizing data sources and data services shared by regulatory agencies;

d) Assist in receiving request for connection and utilization of data sharing services;

dd) Provide other functions to facilitate connection and data share between regulatory agencies.

3. Regulatory agencies shall look up information regarding data sharing services on the data sharing service management system to connect, share and utilize available data sources of regulatory agencies.

Article 27. Connection and data sharing infrastructure

1. Agencies providing and using data are responsible for ensuring infrastructure conditions serving connection and data share, including:

a) Information system and appropriate network connection infrastructure to provide and utilize data;

b) Tools and measures to protect data and verify data during data sharing and using process;

c) Other technical conditions serving connection, data share, utilization and use.

2. Develop information systems and databases in regulatory agencies and ensure connection and data share, including:

a) Develop structure of shared data and data utilized by sharing;

b) Develop connection components and services to share data;

c) Manage, operate and maintain connection and data share.

3. Ministry of Information and Communications shall take charge and cooperate with relevant agencies in developing basis for integrating and sharing national data serving connection and data share between ministries, ministerial agencies, governmental agencies and agencies in provinces and central-affiliated cities.

4. Entities specialized in information technology of ministries, ministerial agencies, governmental agencies and agencies in provinces and central-affiliated cities shall take charge, develop and maintain infrastructure for connection and data share serving internal connection and data share of ministries, ministerial agencies, governmental agencies and agencies of provinces and central-affiliated cities and connect and share data with other ministries, ministerial agencies, governmental agencies and agencies of provinces and central-affiliated cities.

Article 28. Ensuring safety in connection and data share

Connection and data sharing must comply with regulations and law on cyber information safety, cyber security and following regulations:

1. Entities presiding information systems upon participating in connection and data share shall be responsible for ensuring information safety and security when data is managed, stored, processed and transmitted on their systems.

2. Agencies utilizing data are responsible for ensuring data safety and security when connecting and receiving shared data as specified by agencies providing data and regulations and law.

Article 29. Expenditure on connection and data share

1. With respect to expenditure on investing in infrastructure for connection and data share; platform for integrating and sharing data on a ministerial level, provincial level and national database, funding sources provided by central and local budgets must satisfy following requirements:

a) Central budget shall ensure expenditure for ministries, ministerial agencies, governmental agencies and assist provinces with financial hardships;

b) Local budget shall ensure expenditure for provinces receiving state budget or having drastic income; use remaining budget exceeding budget balance or other legal mobilized sources (if any);

c) Prioritize and encourage investment in form of cooperating with private sectors, especially hiring information technology services, utilize sources of investment economic sectors to develop systems, state budget shall pay for annual service rental.

2. With respect to individual tasks and projects of ministries, sectors and local governments (other than ministerial and provincial platforms for data integration and share):

a) Ministries, sectors and local governments shall subtract from estimates to implement or hire information technology with respect to projects generating revenues or funding sources guaranteed by the revenues of the projects;

b) With respect to provinces in mountain regions facing particular hardships, central budget shall partially assist expenditure upon approved by competent authorities.

3. Expenditure on maintaining and operating connection and data share shall be included in estimates for management, operation and maintenance of information systems and databases and taken from annual concurrent expenditure of state budget depending on budget classification (expenditure on non-concurrent tasks, non-autonomous) of regulatory agencies.

Article 30. Personnel for connection and data share

1. Personnel for connection and data share shall be taken from on-site personnel managing and operating information systems; hiring information technology services and other sources as per the law.

2. Regulatory agencies providing and using data are responsible for satisfying personnel-related requirements to enable management, connection and share.