Malaysia: Implemented Personal Data Protection Standard 2015

On 23 December 2015, the Personal Data Protection Standard 2015 entered into force. The standard is based on articles 6,7 and 8 of the Personal Data Protection Regulations 2013 and is applicable to any person who processes or has control over the processing of personal data. The standard concretises the Security Standard by defining the security standard for personal data processed electronically and non-electronically. The standard aims to protect personal data from any loss, misuse, modifications, unauthorised or accidental access or disclosure, alteration or destruction. In particular, the standard requires access controls through the establishment of passwords, physical security procedures, a backup or recovery system and the maintenance of a record of access, amongst other things. The standard further defines the retention and data integrity standard for personal data.