Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Malaysia: Senate passes PDPA amendment bill on second reading
On July 31, 2024, Bill D.R. 21/2024 for an Act to amend the Personal Data Protection Act (PDPA) passed in the Senate on its second reading, after being read for the first time on July 22, 2024. The bill previously passed in the House of Representatives on July 16, 2024.
The bill's provisions include:
- the mandatory appointment of a data protection officer (DPO) by data controllers and processors;
- mandatory data breach notification by data controllers to the Personal Data Protection Commissioner;
- sanctions of fines, imprisonment, or both for non-compliance with data breach notifications;
- data subjects' right to data portability, subject to technical feasibility and data format compatibility;
- the requirement for data processors to comply with the security principle under the PDPA;
- an increase in the maximum penalty for breach of the principles under the PDPA; and
- changes in the rules regarding data transfers.
Next steps
The bill will become law after receiving Royal Assent. The bill will enter into effect on a date appointed by the Minister of Communications and Multimedia by notification in the Gazette.
You can read the bill here and view its history on the Parliament's website here, both only available in Malaysian.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
