Overview of key amendments
The Ministry of Digital, through the Personal Data Protection Commissioner (Pesuruhjaya Perlindungan Data Peribadi (PPDP)) has made amendments to the Personal Data Protection Act 2010, and passed the Personal Data Protection (Amendment) Act 2024. These amendments are intended to ensure that Malaysia’s data privacy and protection regime remains up to date with technological advancements and aligns with international standards.
The amendments were passed by the Dewan Rakyat on 16 July 2024, and subsequently approved by the Senate on 31 July 2024. Following Royal Assent on 9 October 2024, the amendments were officially gazetted by the Attorney-General’s Chambers on 17 October 2024.
These amendments are significant, introducing greater accountability for organisations handling personal data. In summary, the amendments can be outlined as follows:
Novel amendments
Amendments built upon pre-existing provisions
Amendments related to administration & enforcement
Important developments on the horizon
Organisations are advised to closely monitor developments in this area and prepare for the additional compliance obligations they may potentially arise. The Personal Data Protection (Amendment) Act 2024 will be further supplemented by forthcoming guidelines, circulars and standard.
These guidelines will specifically address key areas such as data breach notification, the role of data protection officers, data portability, cross-border data transfers, data protection impact assessments, privacy by design, as well as profiling and automated decision-making.
Are you prepared?
The Personal Data Protection (Amendment) Act 2024 will have a significant impact on organisations across four key dimensions: People, Process, Policy, and Technology. These changes necessitate a re-evaluation and adaptation of current practices.
At Deloitte, our Digital Privacy and Trust team provides a suite of services that can help your organisation evolve your program to protect the data and business models that truly matter, while keeping up with the latest regulatory changes. We also offer tailored solutions based on your organisation’s characteristics and needs.
We hope this brochure will guide organisations in navigating the data privacy and protection landscape and requirements in Malaysia.