Legality and Compliance in the Digital Sphere (Theory)

Karim, R. (Contributor)

Malaysia School of Business

Activity: Community Talks, Presentations, Exhibitions and Events › Public lecture/debate/seminar

Description

In Malaysia, collection, processing, storage, transfer and retention of individuals’ personal data are governed under the Personal Data Protection Act 2010 (the “Act”). In short, the Act regulates the processing of personal data in commercial transactions in Malaysia. In 2019, the Personal Data Protection Commissioner Malaysia (“PDPCM”) undertook the Act’s compliance inspections on business and commercial entities operating in Malaysia. The PDPCM’s enforcement approach in 2019 had focused on the sectors of services, education, tourism and hospitalities, in particular the services sector, where the number of inspection visits conducted by PDPCM was approximately twenty (20) % of the total conducted inspections. Hence, it is essential for the businesses operating digitally in the services sector to comply with the data protection standards and principles.

Handling contact data (personal data) for any reason within a company is classed as data processing. For example, creating an email list is data processing. To comply with PDPA, data should be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing. Hence, it is important to know the requirements to comply with the Act for any business operating in the digital sphere. In this session, we will understand the legal regime of personal data protection, analyse the Personal Data Protection Principles, and comprehend the steps to ensure compliance with the Minimum Standards.

Objectives

Understand the legal regime of personal data protection.
Analyse the personal data protection principles.
Evaluate Personal Data Protection Principles for direct marketing.
Comprehend the steps to ensure compliance with the minimum standards.

Contents

General Overview of PDPA
Complying Measures of the Personal Data Protection Principles
Direct Marketing and Personal Data Protection in Malaysia
Minimum Standards Under the Security Principle, the Retention Principle, and the Data Integrity Principle
Ensuring Compliance with the Minimum Standards
Frequently Asked Questions (FAQ)
Q/A session

Period	17 May 2022
Event title	DIGITAL MARKETING TRANSFORMATION INITIATIVE (DMTI)
Event type	Seminar
Degree of Recognition	Local