Securiti launches Gencore AI, a holistic solution to build Safe Enterprise AI with proprietary data - easily
ViewLast Updated on November 16, 2023
Learn how you can leverage Securiti’s Data Command Center to address data security, privacy, governance, and compliance.
See a demo
The Parliament of Malaysia passed Malaysia’s Personal Data Protection Act (PDPA) on 2 June 2010. The PDPA sets out a complete cross-sectoral framework to protect the personal data of individuals with respect to commercial transactions. The PDPA applies to any person or data controller (organization) who processes or has control over a data subject’s personal data. The PDPA aims to avoid any misuse of individuals’ personal data.
Malaysia’s Personal Data Protection Act was implemented on November 15, 2013.
In July 2024, the Malaysian Parliament passed the long-awaited Amendment (the 2024 Amendment) to the PDPA, which introduced changes to the existing provisions of the PDPA and added some additional obligations.
Securiti empowers organizations worldwide to ensure smooth compliance with Malaysia’s PDPA with its AI-driven data discovery, DSR automation, universal consent management, autonomous documented accountability, data breach management, and vendor risk assessment functionality.
Securiti enables organizations to comply with Malaysia’s PDPA through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.
Securiti supports enterprises' journey toward compliance with Malaysia’s PDPA through automation, enhanced data visibility, and identity linking.
Section: 44(1)
As stated in Malaysia's PDPA, data subjects have multiple rights. They must be informed of the use of their personal data and can access the data held by an organization. To act per the PDPA, organizations must streamline the initiation of verified DSR requests.
Section: 5, 12, 30,31, 32, 33
Conveniently disclose the required information to the data subjects free of charge via the secure, centralized portal. Automating the delivery and generation of secure data access reports minimizes the risk of any compliance violations.
Section: 5, 11, 12, 34, 35, 36, 37
Seamlessly fulfill all data rectification requests with automated data subject verification and rectification workflows across all appearances of a subject’s personal data.
Section: 42, 43
Using collaborative workflows, create a customized framework for objection and restriction of data processing handling, following your business requirements.
Section: 43 A
Seamlessly fulfill all data portability requests by automating the discovery and mapping of personal data across systems.
Section: 10
Conveniently manage erasure/destroy/anonymize requests through flexible and automated workflows.
Section: 6(1),7, 8, 38, 40(1)
Routinely monitor and track data subjects' consent to prevent the illegal transfer or processing of data without the user’s consent. Continuously validate consent compliance with regulators and data subjects for swift action.
Section: 5, 6, 44(1)
Keep a birds-eye view of potential risks against non-compliance to data subjects’ rights and other organizational obligations by routinely monitoring and scanning personal consumer data.
Section: 44(1), 129
Conveniently trace, manage, and monitor data flows from a single interface. Generate reports to gain comprehensive visibility of all data points, any cross-border data transfers, vendor contracts, and compliance documents.
Section: 12 (b)
Automate compliance actions and breach notifications to concerned stakeholders regarding any data breach incidents by leveraging a knowledge database on security incident diagnosis and response.
Section: 9(2)
Keep a close track of privacy and security readiness for all your service providers and processors via a single interface. Collaborate directly with vendors, automate data requests and deletions, and manage all vendor contracts and compliance documents.
Section: 6(1),7, 8, 38
Automatically scan your organization's web properties, categorizing tags and cookies. Build customizable cookie banners, collect consent, and provide a preference center.
Section: 7
Dynamically update privacy policies and notices to comply with the PDPA. Automate the process of publishing your privacy notices with pre-built templates. Enable centralized management by tracking and monitoring privacy notices to maintain compliance.
Right to be informed: Data controllers must inform data subjects by written notice of any matters relating to the processing information of the data subject.
Right to access: Data subjects have the right to access their data and correct it if found inaccurate, incomplete, misleading, or outdated. Data controllers must acknowledge receipt of a data access request.
Right to correction: Data subjects have the right to rectification of their personal data if it is found inaccurate, incomplete, misleading, or outdated. Data controllers must acknowledge receipt of a data correction request.
Right to opt-out: A data subject can withdraw consent for the processing of his/her personal data at any time by way of written notice.
Right to prevent processing: With written notice, a data subject can withdraw consent for the processing of his/her personal data if it might cause them any damage or distress.
Right to data portability: A data subject can request data controllers to transfer their personal data to another data controller of their choice.
The Personal Data Protection Commissioner is the acting and responsible regulatory authority in Malaysia for implementing and executing PDPA.
The purpose of PDPA is to strengthen consumer confidence in business transactions and e-commerce by seeking user consent to sell their personal data.
Certain classes of data controllers are required to register under the PDPA. Data controllers are also required to display their certificate of registration at a conspicuous place at their principal place of business and a copy of the certificate at each branch, where applicable.
The PDPA has seven data protection principles, including the General Principle, Notice and Choice Principle, Disclosure Principle, Security Principle, Retention Principle, Data Integrity Principle, and Access Principle. Under the 2024 Amendments to the PDPA, the maximum penalty for non-compliance with the principles of the PDPA is MYR 1 million (approx. $212,530) and 3 years imprisonment.
The PDPA does not apply to any personal data processed outside Malaysia unless the data is intended to be further processed in Malaysia.
At Securiti, our mission is to enable organizations to safely harness the incredible power of Data & AI.
Copyright © 2024 Securiti · Sitemap · XML Sitemap
info@securiti.ai
Securiti, Inc.
300 Santana Row
Suite 450
San Jose, CA 95128
