Compliance with the Personal Data Protection Act (PDPA) 2010


ARC News   •   July 05, 2018

With the advancement of technology, business owners in Malaysia have been blessed with an abundance of innovative methods to commercially exploit personal data. Recognising the importance of protecting personal data, the Malaysian parliament passed the Personal Data Protection Act 2010 (“Act”), which came into force on 15 November 2013. Despite enforcement of the Act for a period of 4 years, many business owners are still unaware of the existence of the Act and, more notably, of the importance of compliance with the Act.

As the objective of the Act is to regulate the processing of personal data in respect of commercial transactions, the Act is evidently relevant to most business owners in Malaysia. It is an undisputed fact that a company will, in its course of business, collect, use and store personal data of, amongst others, its employees, suppliers and clients. As such, the processing of the personal data must be in compliance with the principles set forth in the Act.

Further, in line with the enforcement of the Act, various pieces of subsidiary legislation have been gazetted to regulate the registration of the following industries as data users:

  • Communications;
  • Banking and financial institution;
  • Insurance;
  • Health;
  • Tourism and hospitalities;
  • Transportation;
  • Education;
  • Direct selling;
  • Services;
  • Real estate;
  • Utilities;
  • Pawnbroker; and
  • Moneylender.

Businesses that fall under the above-mentioned categories are required to register with the Department of Personal Data Protection, failing which the business owner would be liable to a fine not exceeding RM500,000.00 or 3 years' imprisonment or both.

Despite the above, it is pertinent to highlight that businesses that do not fall under the above-mentioned categories are also required to comply with the Act (save for the registration as a data user). Non-compliance with the Act would ultimately attract a fine not exceeding RM500,000.00 or 3 years' imprisonment or both.

Since 2017, the Department of Personal Data Protection has been actively conducting inspections at different business premises to ensure compliance with the Act. In view thereof, business owners are strongly encouraged to revisit their business processes to ensure compliance with the Act.

Yeo Shu Pin is a Partner at Messrs. Afif Rahman & Chong

Disclaimer: Every attempt to ensure the accuracy and reliability of the information provided in this publication has been made. This publication does not constitute legal advice and is not intended to be used as a substitute for specific legal advice or opinions. Please contact the authors for specific technical or legal advice on the information provided and related topics.
