Malaysia is planning to amend its data protection laws to introduce a data breach notification regime and a wide expansion of the rights of data subjects. Once in effect, companies are required to provide detailed summaries of data breaches to the Malaysian Personal Data Protection Commissioner; implement containment and control measures and outline in detail the measures taken to minimize the impact of the breach; notify the Commissioner within 72 hours of becoming aware of a breach; and instill data protection training programs and provide details to the Commissioner, including whether company employees received training in the last 24 months.
Read more