Advisory on protecting contact tracing information approved

A new guideline drafted by the Department of Personal Data Protection will outline measures that business owners must take protect the contact tracing data given by users during the CMCO period. - SAM THAM/The Star

PETALING JAYA: An advisory by the Department of Personal Data Protection (JPDP) on the collection, processing and possession of personal data by businesses during the conditional movement control order period (MCO) has been approved.

“The advisory was drafted in accordance with the Personal Data Protection Act, ” said Personal Data Protection commissioner Mazmalek Mohamad, adding that the Covid-19 committee chaired by Senior Minister Datuk Seri Ismail Sabri Yaakob had approved the content and an announcement would be made soon.

According to the advisory, businesses are only permitted to record minimal information – name, contact number, as well as dates and times of visit – and can choose to collect the information digitally or manually.

For manual data collection, a specific document must be prepared and used throughout the conditional MCO period. Staff recording the data must not disclose the information without permission.

The department said it would monitor the compliance level of businesses from time to time. Failure to comply could result in a fine of no more than RM300,000 or a prison term of no more than two years or both, if convicted.

When the government announces the end of the conditional MCO, the data must be disposed of permanently within six months.

The advisory also requires businesses to display a notice citing that it is compulsory for visitors to present the requested information and its purpose is in accordance with the Prevention and Control of Infection Disease Act.

Experts welcomed the decision to introduce an advisory to help protect contact tracing info given by visitors to various establishments.

“It’s good to have a standard approach for businesses that process personal data. It also removes any uncertainty, ” said Foong Cheng Leong, the Bar Council Information Technology and Cyber Laws Committee deputy chairman.

He hoped that the advisory would introduce standard operating procedures that are suitable for both small medium enterprises (SMEs) and large businesses.

“It should not be too onerous on businesses especially for small outfits with fewer employees, ” he said, suggesting that the government encourage larger businesses like shopping malls to use a designated online platform to register visitors, as it could help to prevent the misuse of personal data.

“The data should only be maintained by a specific department with the sole purpose of aiding the Health Ministry with contact tracing.”

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 0
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Nation

SAR ops for missing army commando resumes in Melaka
Port Dickson court fines two loan shark agents RM3,000 for intimidation, five months jail
Sentosa Perdana residents see no end to litterbugs in their community
14-year-old girl missing in Ipoh, family say she's been gone since mid-December
Radical measures to spur the economy to be presented in Budget 2023, says PM
Foreign embassies not authorised to issue temporary visit pass for citizens to remain in Malaysia
Ambiga takes a dig at Anwar with ‘A green light for all Ministers to bring in family’ tweet
Puspen staff member, trainee charged with murder
Malaysia forms special team to coordinate humanitarian aid to Turkiye, Syria
Anwar to make official visit to Thailand on Feb 9

Others Also Read