On 23 December 2015, the Personal Data Protection Commissioner (“Commissioner”) published the Personal Data Protection Standard 2015 after consulting members of the public. The Standard sets out the minimum standards to process personal data and it is applicable to anyone who processes or has control or authorises the processing of any personal data relating to commercial transactions. Broadly, it sets out the security standards (electronic and non-electronic processing), retention standards and integrity standards.
For more information, please refer to the Personal Data Protection Standard 2015 (in Malay language only). The English language will be released by the Commissioner in due course.