Malaysia: Announced Amendment to the Personal Data Protection Act 2010 (Act 709) including cybersecurity regulation

Announced Amendment to the Personal Data Protection Act 2010 (Act 709) including cybersecurity regulation

On 4 July 2024, the Cabinet of Malaysia announced proposed amendments to the Personal Data Protection Act 2010 (Act 709). The Amendment Act would introduce direct obligations on data processors to adhere to security requirements with penalties for breaches as well as maintain a mandatory breach notification system to both the Personal Data Protection Commissioner and affected data subjects in cases of significant harm.

Original source

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

cross-cutting

Implementation Level

national

Government Branch

executive

Government Body

central government

Complete timeline of this policy change

Hide details

2024-07-04

under deliberation

On 4 July 2024, the Cabinet of Malaysia announced proposed amendments to the Personal Data Protecti…

2024-07-10

under deliberation

On 10 July 2024, the Personal Data Protection (Amendment) Act 2024 was introduced into the House of…

2024-07-16

under deliberation

On 16 July 2024, the Personal Data Protection (Amendment) Act 2024 was passed by the Malaysian Hous…

2024-07-31

adopted

On 31 July 2024, the Personal Data Protection (Amendment) Act 2024 was adopted by the Malaysian Sen…

Description

Announced Amendment to the Personal Data Protection Act 2010 (Act 709) including cybersecurity regulation

Scope

Complete timeline of this policy change