PETALING JAYA: The Personal Data Protection Department (JPDP) stressed that it is compulsory for companies such as telcos and banks to register under the Personal Data Protection Act 2010 (Act 709).

“Failure to do so may result in penalties under Section 16(4) of the act, including fines up to RM500,000.00, imprisonment for a maximum of three years, or both,” it said.

It said that all companies listed under the Data User group are obligated to register under Act 709, which serves to regulate the processing of personal data in commercial transactions.

The types of companies listed are communications (both telco and courier), banking/financial institution, insurance, health, tourism/hospitality, transport (airline company), education, direct selling, services such as retail, employment agency, engineering and architecture, real estate, utility, pawn shop and financial loan provider.

Companies that don’t fall under the group but process data for commercial transactions are also required to comply with Act 709, JPDP said.

“This will enhance the company’s compliance with data protection and boost customer confidence in the company,” JPDP added.

Apart from establishing a Data User repository in Malaysia, JPDP said the registration will enable it to communicate policy changes and provide advisory services on personal data protection.

JPDP and the Communications and Digital Ministry said both entities are committed to strengthening compliance with PDPA 2010 (Act 709) to address issues related to personal data breaches and misuse in Malaysia.

More information on the registration process can be found at daftar.pdp.gov.my.