Common questions

What are the penalties for non-compliance with the PDPA in Malaysia?

The penalty for breaching the personal data protection principles set out under the PDPA is the imposition of a fine not exceeding RM 300,000 (USD 1 = RM 3.80) and/or imprisonment not exceeding 2 years.

What are the penalties for non-compliance with the PDPA?

Failure to comply with the PDPA could result in civil liabilities with punitive damages, administrative fines of up to THB 5 million (approx. €135,400), and criminal penalties which include imprisonment for up to one year, or a fine of up to THB 1 million (approx. €27,080), or both.

What are the consequences of a PDPA breach?

Although you may not be able to obtain compensation for a data breach, there are potential consequences for companies that fail to discharge their obligations under the PDPA. Such organisations could face a financial penalty of up to S$1 million.

What are the 9 PDPA obligations?

The 9 Main Obligations of the PDPA in Singapore

  • Consent Obligation.
  • Purpose Limitation Obligation.
  • Notification Obligation.
  • Access & Correction Obligation.
  • Accuracy Obligation.
  • Protection Obligation.
  • Retention Limitation Obligation.
  • Transfer Limitation Obligation.

Does Malaysia have a data protection Act?

On 15 November 2013, the Personal Data Protection Act 2010 (PDPA) came into force in Malaysia with the objective of protecting the personal data of individuals with respect to commercial transactions.

What are the penalties for non-compliance with the PDPA in Singapore?

The maximum financial penalty for breaches of the PDPA has now been increased to SG$ 1 million, or 10% of the organisation’s annual turnover in Singapore where that turnover exceeds SG$ 10 million, whichever is higher.

What is considered a PDPA breach?

A data breach, in relation to personal data, refers to any unauthorised access, collection, use, disclosure, copying, modification or disposal of personal data.

What is covered under PDPA?

The PDPA covers personal data stored in electronic and non-electronic formats. It generally does not apply to:

  • Any individual acting on a personal or domestic basis.
  • Any public agency in relation to the collection, use or disclosure of personal data.

How many PDPA obligations are there?

8 obligations
In the PDPA, the government of Singapore has outlined 8 obligations that companies collecting and using personal data must follow.

How do I become PDPA compliant?

Steps for PDPA Compliance

  1. Appoint a Data Protection Officer.
  2. Notify Purposes and Seek Consent.
  3. Respond When Clients Ask About PD.
  4. Ensure Accuracy; Allow Correction of PD.
  5. Secure the PD Held By Your Organisation.
  6. Dispose of PD That is no Longer Needed.
  7. Ensure Protection of Personal Data when Transferring Overseas.

What is the maximum penalty under PDPA in Malaysia?

If convicted, the maximum penalty is a fine of RM500,000 or up to three years in jail, or both. It was the first case to be prosecuted under the PDPA, and based on our correspondence with the Personal Data Protection Department (“PDPD”), it will be the first of many.

When did Malaysia pass the Personal Data Protection Act?

After years in the making, the Malaysian Personal Data Protection Act 2010 (PDPA) was enforced on 15 November 2013. The PDPA is the first legislation passed on data protection in the Southeast Asian region, paving the way for other similar legislative developments in Southeast Asia.

What’s the maximum penalty under Personal Data Protection Act?

In early May 2017, a company in the educational industry was charged under the Personal Data Protection Act 2010 (“PDPA”) for processing the personal data of former employees without a certificate of registration. If convicted, the maximum penalty is a fine of RM500,000 or up to three years in jail, or both.

What does the PDPA do to personal data?

In essence, the PDPA governs the processing of personal data in commercial transactions.