Malaysia: Personal Data Protection Commissioner adopted circular on personal data breach notification (Circular No. 2/2025)

Personal Data Protection Commissioner adopted circular on personal data breach notification (Circular No. 2/2025)

On 21 May 2025, the Malaysian Personal Data Protection Commissioner adopted the circular on personal data breach notification (Circular No. 2/2025). Under the circular, data controllers must notify the Commissioner as soon as practicable upon suspec…

Scope

Policy Area

Data governance

Policy Instrument

Data protection regulation

Regulated Economic Activity

cross-cutting

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2024-08-23

in consultation

On 23 August 2024, the Malaysian Department of Personal Data Protection opened a public consultatio…

2024-09-06

processing consultation

On 6 September 2024, the Malaysian Department of Personal Data Protection closed its public consult…

2025-05-21

adopted

On 21 May 2025, the Malaysian Personal Data Protection Commissioner adopted the circular on persona…

2025-06-01

in force

On 1 June 2025, the Personal Data Protection Commissioner’s circular on personal data breach notifi…

Description

Personal Data Protection Commissioner adopted circular on personal data breach notification (Circular No. 2/2025)

Scope

Complete timeline of this policy change