Personal Data Protection Act 2023
Personal Data Protection Act 2023 - Proposed Amendments
What is it Personal Data Protection Act (PDPA)
The PDPA governs data usage and its security in Malaysia. It was tabled in 2010 and gazetted the same year, but only implemented in 2013.
The act is enforced by the Personal Data Protection Department. One of its main functions is to prevent data misuse in commercial transactions.
What it covers
Under the PDPA, data such as your full name, MyKad number, passport number and your email address are considered to be personal and sensitive information.
Other forms of data that fall under this category include photographs, images captured from CCTVs, religious and political beliefs, as well as personal documents like tax records.
Under the Act, a person is entitled to the following rights after sharing their data with an organisation:
-
The right to know if their data is being processed.
-
The right to access their personal data from the organisation’s database
-
The right to amend the data provided
-
The right to withdraw consent given to process one’s data
-
The right to stop any data processing activities that could cause damage or distress
-
The right to stop data processing activities for direct marketing
Proposed Amendments to the PDPA
The draft amendment to the PDPA to curb personal data breaches is expected to be presented in Parliament before the end of this year. It is rumored that it will be enacted by the end of October 2023.
Communications and Digital Minister Fahmi Fadzil said the Personal Data Protection Department (JPDP) was looking at several improvements to the amendments prepared by the previous government before they were submitted to the Attorney-General's Chambers.
The proposed amendments are summarised as follows:
1. Mandatory appointment of a Data Protection Officer
All data users will each be required to appoint a data protection officer.
2. Data portability
Transfers of personal data between data users (upon request from data subjects) will be allowed (if the technical system permits).
3. Mandatory data breach notification
All data users will be required to report data breaches to the Malaysian Personal Data Protection Department (PDPD) within 72 hours.
4. Enhanced obligations for data processors
Data processors will be required to comply with the security principle under the PDPA.
5. Cross-border data transfer requirements
The power of the Minister to issue a whitelist will be replaced with a blacklist. Transfers of personal data to blacklisted countries will be prohibited.
Impacts On The Proposed Amendments in PDPA
Increase in penalties for misuse of data and non-compliance with PDPA in general.
Designate the Malaysian Personal Data Protection Department as a statutory commission with enforcement power.
Visit Us
-
Wisma KTP, 53 Jalan Molek 1/8, Taman Molek, 81100 Johor Bahru
-
Wisma THK, 41, Jalan Molek 1/8, Taman Molek, 81100 Johor Bahru
KTP (Audit, Tax, Advisory)
An approved audit firm and licensed tax firm operating under the KTP group based in Johor Bahru providing audit, tax planning, advisory and compliance services to clients
-
Website www.ktp.com.my
-
Instagram https://bit.ly/3jZuZuI
-
Linkedin https://bit.ly/3sapf4l
-
Telegram http://bit.ly/3ptmlpn
THK (Secretarial, Account, Payroll, Advisory)
A licensed secretarial firm in Johor Bahru providing fast reliable incorporation, secretarial services, corporate compliance services, outsource booking, accounting and payroll services to clients
-
Website www.thks.com.my
-
Facebook https://bit.ly/3nQ98rs
KTP Lifestyle
An internal community for our colleagues on work and leisure.
-
Tiktok http://bit.ly/3u9LR6Q
-
Youtube http://bit.ly/3ppmjyE
-
Facebook http://bit.ly/3ateoMz
-
Instagram https://bit.ly/3jZpKLo
KTP Career
An external job community on vacancy in Johor Bahru for interns, graduates & experienced candidates.
-
Instagram https://bit.ly/3u2PxHg
-
Facebook http://bit.ly/3rPxz9o
#Ktp #Thks