Accordingly, in order to continue to improve the effectiveness of information security, professional data protection, personal data protection of civil servants, public employees and employees (CCVC) in the Industry as well as personal data of people and businesses, Vietnam Social Security requires heads of units to seriously implement the directives issued by Vietnam Social Security, focusing on the following contents:

Firstly, thoroughly convey to affiliated units and all civil servants and public employees under their management the principle that "Ensuring information security is a mandatory requirement and must be implemented regularly, continuously and promptly"; direct collectives and individuals in the unit to comply with regulations on management and account protection and be responsible to the General Director if they are negligent, allowing data leakage or illegal exploitation of the Industry's database from the accounts of collectives and individuals under their management.

Second, require collectives and individuals in the unit to strictly implement regulations on information security assurance: Regulations on information security assurance in the application of information technology of the Social Insurance sector in Decision No. 967/QD-BHXH dated June 20, 2017, Regulations on management, exploitation and use of information from the centralized database of the Social Insurance sector in Decision No. 2366/QD-BHXH dated November 28, 2018, Regulations on management, deployment, operation and exploitation of the information infrastructure system in the Vietnam Social Insurance sector in Decision No. 3735/QD-BHXH dated December 29, 2022.

Third, assign specific responsibilities to the department performing the task of ensuring information security at the unit to proactively monitor, regularly monitor, and grasp the situation through the warning channels of the Information Technology Center, competent authorities and information security organizations to promptly detect and handle acts of accessing, exploiting unusual data, lending accounts, using other people's accounts, using automatic tools to collect and retrieve data from the Vietnam Social Security industry database.

Fourth, enhance the sense of responsibility, strictly comply with discipline and order; rectify indifference and disregard for information security and personal data protection of civil servants, especially leaders (Heads of units under Vietnam Social Security, Directors of provincial and municipal Social Security, Department Heads, Directors of district-level Social Security).

Fifth , assign the Information Technology Center to monitor, supervise, and report on the compliance with discipline and order in ensuring information security and protecting personal data of units; coordinate with the Department of Organization and Personnel to advise the General Director to strictly handle groups and individuals who violate State and Industry regulations on information security and protecting personal data.