The Malaysian Personal Data Protection Department (“PDPD“) recently issued the Public Consultation Paper No. 1/2015 on the Proposed Personal Data Protection Standards(“Standards“). The Standards are meant to act as a minimum requirement from the PDPA to govern the collection, processing and maintenance of personal data by data users pursuant to the Personal Data Protection Act.  The Standards are not in force yet as the PDPD is currently seeking feedback on the revised Standards.

Some of the key proposals in the Standards include requiring data users to comply with the following:

  • Setting physical security procedures such as controlling the entry to and exit from the data storage area (including CCTV monitoring and 24 hours security guard services, if necessary)
  • Having proper back-up and recovery systems and anti-virus software to protect against unauthorized access to personal data
  • Entering into contracts with third parties who are processing personal data on behalf of the data user
  • Conducting Personal Data Protection awareness programs and training
  • Disposal of hard copies to be done by shredding machines or other appropriate measures
  • Having Standard Operating Procedures in place for accessing and using personal data
  • Having regular / scheduled deletion of inactive personal data

The Standards, once in force, will impose additional responsibilities on data users to ensure that they are in compliance with the Personal Data Protection Act (“Act“). Given that some of the Standards can be considered onerous and costly to data users (especially SMEs) it is likely that some of the Standards will be revised further in the following days.  Notwithstanding the above, data users should always ensure that they do not just pay lip service to the requirements of the Act and that serious efforts are made to adhere to the 7 Principles of Data Protection as set out in the Act.

Direct Marketing and Personal Data Protection in Malaysia
Donovan & Ho is now on Instagram

Latest Articles

Legal Update: Key Changes in the Labuan Foundation (Amendment) Bill 2024

by | May 19, 2025 |

Companies (Access to the Register and Information Relating to Beneficial Ownership) Regulations 2025

Merges & Acquisitions In Malaysia – Purchases of Business Assets May Attract Up To 4% Ad Valorem Stamp Duty

by | April 9, 2025 |

Case Spotlight: Challenging an Industrial Court Award – Judicial Review or Appeal? Show Cause Letter: Is It A Ground for Constructive Dismissal?

‘Stuck In A Meeting’? The Sticky Issue Of Quorum At Company Meetings

by | January 27, 2025 |

“Quorum” is the minimum number of members (or their representatives) required for company meetings such as board meetings or shareholder meetings to be carried […]

Share This