Chương V: Nghị định 69/2024/NĐ-CP Trách nhiệm của cơ quan, tổ chức, cá nhân

Chapter V

RESPONSIBILITIES OF AGENCIES, ORGANIZATIONS AND INDIVIDUALS

Article 31. Responsibilities of eID holders

1. Protect eID data.

2. Secure authentication factors.

3. Immediately report to electronic authentication service providers when losing control of authentication means or detecting illegal access to their electronic identity, or having any other reasons that may pose threats to their use of service.

Article 32. Responsibilities of e-authentication service users

1. Comply with technical regulations on e-authentication and identification.

2. Manage and secure eID account information; ensure that eID accounts are used in a safe manner.

3. Ensure accountability for transactions already performed and regulations of related parties on electronic transactions.

Article 33. Responsibilities of e-authentication service providers and agencies, organizations and individuals self-creating accounts

1. Responsibilities of e-authentication service providers

a) Render e-authentication services to organizations or individuals on the basis of service provision contracts;

b) Manage operations performed by organizations authorized to provide e-authentication services and products according to regulations in Clause 4 Article 23 of this Decree;

c) Ensure that information-receiving channels are up and access to services is continuous 24 hours in 7 days a week;

d) Comply with regulations of law on information safety, network security, cybersecurity, electronic transactions, technical standards and regulations in electronic authentication activities in order to secure information and ensure the accuracy of authentication; issue procedures for e-authentication and obtain permission from the electronic identification and authentication regulator;

dd) Adhere to the plan and process for provision of electronic authentication services that have been reviewed by the Ministry of Public Security;

e) Send six-monthly and annual performance reports on e-authentication services according to Form XT05 in the Appendix enclosed with this Decree to the electronic identification and authentication regulator, or as requested by the electronic identification and authentication regulator.

2. Responsibilities of agencies, organizations and individuals self-creating accounts for their operations:

a) Bear responsibility for accuracy of their self-created accounts;

b) Protect personal data that they collect or manage in accordance with law;

c) Ensure that access to data is granted by owners of these data for use in all activities related to management and use of these data;

d) Delete collected data and manage them at the request of data owners, unless otherwise provided for by law;

Article 34. Responsibilities of the Ministry of Public Security

1. Build, administer, protect and operate the electronic identification and authentication system, electronic identification and authentication platform, apply electronic identification accounts to state management, administrative reform, prevention and control of natural disasters and epidemics.

2. Carry out state management of electronic identification and authentication. Promulgate uniform regulations on principles and structure of ID numbers of foreigners and agencies and organizations.

3. Assume the prime responsibility for, and cooperate with ministries and quasi-ministries in, connecting national and specialized databases to facilitate electronic identification and authentication.

4. Take charge of, and cooperate with the Ministry of Information and Communications, the Ministry of Planning and Investment, the Ministry of National Defense, the Ministry of Justice, the Government Office and relevant ministries and quasi-ministries in, inspecting and examining electronic identification and authentication activities.

5. Connect and integrate the electronic identification and authentication system with the electronic identity exchange platform of the National Public Service Portal in order to serve inspection of accounts, settlement of administrative procedures and provision of online public services in accordance with law.

6. Take charge of, and cooperate with the Ministry of Information and Communications, the Ministry of National Defense, and the Government’s Cipher Committee in ensuring information safety and security for the electronic identification and authentication system.

7. Take charge of, and cooperate with ministries, quasi-ministries, government bodies, Government Cipher Committee, and People's Committees of provinces and central- affiliated cities in agreeing on the plan to connect, share and access data for use of electronic identities, eID accounts and e-identification; ensure data confidentiality and security in conformity with methods for following administrative procedures both online and offline.

8. Take charge of, and cooperate with ministries, quasi-ministries, government bodies, Government Cipher Committee, and People's Committees of provinces and central- affiliated cities in agreeing on the plan to connect, share and access data for use of electronic identities, eID accounts and e-identification provided and created by the electronic identification and authentication system; ensure data confidentiality and security in conformity with methods for following administrative procedures both online and offline.

9. Take charge of, and cooperate with the Ministry of Justice, the Ministry of Planning and Investment and the Ministry of National Defense in, ensuring that data and information available in the national population database, the national entry/exit database, and the electronic civil registration database and the national business registration database are connected, shared and updated to serve the electronic identification and authentication purposes.

10. Ensure that information-receiving channels are up and access to the electronic identification and authentication system is continuous 24 hours in 7 days a week.

Article 35. Responsibilities of the Ministry of Information and Communications

Cooperate with the Ministry of Public Security and the Ministry of National Defense to ensure data and information confidentiality and security for the electronic identification and authentication system.

Article 36. Responsibilities of the Ministry of Planning and Investment 

1. Take charge of, and cooperate with the Ministry of Public Security and relevant ministries and central authorities in agreeing on the plan to connect and share data on organizations and individuals available in the national business registration database with the electronic identification and authentication system for creation of ID numbers and eID accounts of agencies and organizations, thereby serving electronic identification and authentication purposes; ensure data confidentiality and security.

2. Cooperate with the Ministry of Public Security in issuing eID accounts to organizations and enterprises and managing such eID accounts within its assigned tasks, functions and scope.

3. Ensure that eIDs and eID accounts are used for carrying out administrative procedures or public administration services in cyberspace under their authority according to regulations of law.

Article 37. Responsibilities of the Ministry of National Defense

1. Instruct its directly-controlled agencies, units, enterprises and individuals to conduct electronic identification and authentication in accordance with regulations on protection of state secrets in national defense sector.

2. Cooperate with the Ministry of Public Security in agreeing on the plan for connection and sharing for use of electronic identities, eID accounts, e-identification provided and created by the electronic identification and authentication system.

3. Cooperate with the Ministry of Public Security in ensuring data and information security and cybersecurity for the electronic identification and authentication system.

Article 38. Responsibilities of the Government Cipher Committee

1. Provide guidance on application of technical standards and regulations on civil cryptography and use of civil service digital signature authentication service to electronic identification and authentication activities.

2. Take charge of, and cooperate with the Ministry of Public Security in, assessing cryptographic security for users of electronic authentication services.

3. Cooperate with the Ministry of Public Security in ensuring data and information confidentiality and security by using cryptographic products for the electronic identification and authentication system; using electronic identities, eID accounts, e-identification for provision of civil service digital signature services.

Article 39. Responsibilities of ministries, quasi-ministries, government bodies and People's Committees of central-affiliated cities and provinces

1. Ensure that eIDs, eID accounts and e-identification are used for carrying out administrative procedures or public administration services in cyberspace.

2. Cooperate with the Ministry of Public Security in agreeing on the plan for connection and sharing for use of electronic identities, eID accounts, e-identification provided and created by the electronic identification and authentication system; ensuring data and information confidentiality and security.

3. Ensure stable and smooth operation of national databases, specialized databases in authentication at the request of specialized database managing agencies, state agencies, political organizations, socio-political organizations and other organizations assigned to perform public services.