On 1 May 2020, the Prime Minister of Malaysia announced that all businesses except those which are set out in the
List of Prohibited Activities are permitted to operate from 4 May 2020 (‘
MCO Phase 4’) subject to strict compliance with the standard operating procedures established by the relevant regulatory authorities.
The Department of Personal Data Protection (‘
JPDP’) has issued an advisory (‘
Advisory’) on the collection, processing and retention of personal data by businesses which are permitted to operate during the conditional movement control order (‘
CMCO’) period, following its approval in a Special Ministerial Committee Meeting on the Implementation of the MCO held on 21 May 2020. A copy of the Advisory is available
here.
This Alert outlines the requirements prescribed in the Advisory that must be complied with by businesses operating during the CMCO period, in line with the data protection principles under the Personal Data Protection Act 2010 (‘
PDPA’). The requirements are as follows:
JPDP will be monitoring the compliance level of businesses from time to time and will not hesitate to take enforcement actions, if necessary. Failure to comply with the Advisory may result in a fine of not exceeding RM300,000 or an imprisonment term not exceeding two (2) years, or both.
If you have any queries, please contact our Ms. Jillian Chia (Partner) at jc@skrine.com or Ms. Beatrice Yew (Associate) at beatrice.yew@skrine.com.