Malaysia

The Malaysian Personal Data Protection Act of 2009 mandates, among others, that any person in Malaysia who collects or stores any personal data in respect of commercial transactions, should take practical steps to protect the personal data from any loss or unauthorized access or disclosure. Penalties for incompliance comprise fine not exceeding 250000 ringgit or imprisonment for a term not exceeding two years or to both. The policy comprises rules for detection of Malaysian personal information, such as Malaysian ID, alone or in combination with sensitive information such as sensitive health information, credit card numbers, account number, ethnicities and religion etc. Additional rules detect combinations of names with sensitive health information or passwords.

• Malaysia PDPA: DNA Sequence
• Malaysia PDPA: ID number
• Malaysia PDPA: ID Number and Account Number
• Malaysia PDPA: ID Number and Credit Card Number
• Malaysia PDPA: ID Number and Crime
• Malaysia PDPA: ID Number and Ethnicity or Religion
• Malaysia PDPA: Name and Password (Wide)
• Malaysia PDPA: Name and Password (Default)
• Malaysia PDPA: Name and Password (Narrow)
• Malaysia PDPA: Name and Sensitive Health Information