Malaysia is planning to amend its data protection laws to introduce a data breach notification regime and a wide expansion of the rights of data subjects. Once in effect, companies are required to, among other things, 1) provide detailed summaries of data breaches to the Malaysian Personal Data Protection Commissioner (the Commissioner), including the type and amount of personal data compromised; 2) implement containment and control measures and outline in detail the measures taken to minimize the impact of the breach; 3) notify the Commissioner within 72 hours of becoming aware of a breach, providing details on the method in which the company is notifying the affected data subjects and the advice it is giving to those subjects; and 4) instill data protection training programs and provide details to the Commissioner about the content of those programs, including whether company employees received training in the last 24 months.
The Communications and Multimedia Minister has stressed the need for a refresh of the legislation, in a process that should take the EU’s General Data Protection Regulation (GDPR) into consideration. The proposed amendments could mean wide-scale alterations to business practices and the need to adopt practices similar to those required by the GDPR.
Sidley Austin LLPはクライアントおよびその他関係者へのサービスの一環として本情報を教育上の目的に限定して提供します。本情報をリーガルアドバイスとして解釈または依拠したり、弁護士・顧客間の関係を結ぶために使用することはできません。
弁護士広告 - ニューヨーク州弁護士会規則の遵守のための当法律事務所の本店所在地は、Sidley Austin LLP ニューヨーク：787 Seventh Avenue, New York, NY 10019 (+212 839 5300)、シカゴ：One South Dearborn, Chicago, IL 60603、(+312 853 7000)、ワシントン：1501 K Street, N.W., Washington, D.C. 20005 (+202 736 8000)です。