Navigating Malaysia's Personal Data Protection Amendment 2024

In July 2024, Malaysia's Parliament passed the Personal Data Protection Amendment Bill 2024, introducing major updates to the Personal Data Protection Act 2010 (PDPA).

Aiming to align Malaysia's data protection framework with international standards and address emerging challenges in data privacy, the amendments pose new obligations for businesses handling Malaysian personal data, along with stricter penalties for not meeting the new standards.

With the new bill expected to come into effect in early 2025, now is the perfect time to ensure your business is prepared to start the New Year with confidence, knowing you’re fully compliant. To support you, we’ve compiled all the essential information you need to protect Malaysian personal data and align with the updated PDPA regulations, empowering your business to navigate these changes seamlessly.

What’s new in Malaysia’s Personal Data Protection Amendment 2024?

The amended PDPA enhances requirements for data protection, governance, and accountability. Key changes include:

1. The term “data controller” replaces "data user"

In the 2024 amendment, the term “data controller” replaces "data user." This refers to those who process any personal data or have control over, or authorize, the processing of any personal data.

2. Mandatory appointment of a data protection officer (DPO)

Data controllers and data processors must designate a DPO. The DPO will be accountable to the data controller and data processor for ensuring the organization's adherence to the PDPA.

3. Stronger data breach notification requirements

Data controllers must promptly notify the PDP Commissioner of any data breach, or face a fine of up to RM250,000 and/or up to two years in prison.

4. Biometric data

"Biometric data" has been added to the 2024 amendment and is now classified as sensitive personal data, which requires more stringent handling procedures.

5. Data portability rights

Individuals can now request their data to be transferred to another service, which facilitates easier switching between service providers.​

6. Cross-border data transfers

New regulations introduce clearer frameworks for transferring data outside Malaysia, ensuring that international data flows adhere to stringent protections.

Why compliance matters

Compliance with the amended PDPA is not only a legal obligation but also an opportunity to build trust with customers, partners, and stakeholders. As cyberthreats grow increasingly sophisticated, meeting data protection standards is crucial for safeguarding sensitive information and ensuring business continuity.

However, navigating these changes can be complex, especially for businesses without dedicated data protection expertise. That’s where Barracuda comes in.

How Barracuda can help your business stay compliant

At Barracuda, we specialize in empowering businesses with the tools and expertise needed to meet evolving data protection requirements. Here’s how we can support you:

1. Data security and privacy solutions

Barracuda’s comprehensive suite of data protection tools includes email, application, and network security solutions that help protect sensitive data from cyberattacks, unauthorized access, and breaches.

2. Automated compliance monitoring

Our solutions integrate automated compliance checks to ensure your systems continuously meet the requirements of Malaysia’s updated PDPA, reducing the risk of noncompliance.

3. Data breach response tools

Barracuda offers real-time breach detection and incident response capabilities, enabling businesses to detect, report, and mitigate breaches quickly, meeting the new breach notification requirements.

4. Support for cross-border data transfers

With secure cloud solutions, Barracuda ensures that your data transfers comply with Malaysia’s cross-border regulations, keeping sensitive information safe and secure across global operations.

5. Empowering your DPO

With our easy-to-use management dashboards and reporting tools, your Data Protection Officer can efficiently oversee compliance activities, identify risks, and generate audit-ready reports.

Staying ahead of cyberthreats

As regulations evolve, so do cyberthreats. Malaysia’s PDPA amendments underscore the need for businesses to stay vigilant and proactive in their approach to data protection.

Barracuda is here to support your compliance journey every step of the way. With our cutting-edge solutions and expertise, we’ll help your business meet its PDPA obligations, safeguard personal data, and thrive in today’s digital landscape.

Ready to ensure compliance? Contact us today to learn how Barracuda can help protect your business and help you meet the new PDPA requirements.