By: Sonny Zulhuda
Data protection is a critical and integral part of information security standards and best practices. One of the domains under ISMS is the legislative and regulatory domain, which requires the objects to address and comply with relevant statutes and laws on information security.
At the same time, the PDP law does enumerate in one of its data protection principles the security principle. Under this principle, a data user shall ensure both technical and organizational security measures are well in place to safeguard the personally identifiable information (PII) that they process.
Therefore it is only right to regard that data security and privacy come together. With this background, the IAT convened this workshop where I will speak too.
A BIG COMPLIANCE UPDATE.
“BIG COMPLIANCE IN THE AGE OF INNOVATION: PERSONAL DATA PROTECTION LAW IN MALAYSIA AND ASEAN REGION”
Jeong Chun Phuoc.
A. INTRODUCTION
The PERSONAL DATA PROTECTION ACT 2010 (‘PDPA 2010’) was enforced within reasonable time by Malaysia commencing 15 Nov 2013. Despite its enforcement, the private sector is still in the dark. Many do not have in place any proper PDPA COMPLIANCE PROGRAM.
The PDPA enforcement position adopted by Singapore is a good move in the right direction as well.
B. COMPLIANCE ASSESSMENT
Despite potential serious fines and penalties for PDPA violations and PDPA non-compliance, the attitude remains lackadaisical.
C. PHASE 2 ENFORCEMENT
In Phase 2 of the COMPLIANCE & ENFORCEMENT MODEL, strict enforcement and audit measures will be taken to enforce COMPLIANCE.
D. CONCLUSION
The megatrend in PDPA protection will see full adoption and enforcement of PDPA protection within the ASEAN region in particular, commencing ASEAN ECONOMIC COMMUNITY (AEC) 2015 and beyond.
E. COMPLIANCE PROGRAM
Organisations are strongly advised to establish an effective COMPLIANCE PROGRAM to ensure full compliance with PDPA ACT 2010 to avoid serious fines and penalties for non-compliance/violations under the PDPA 2010.
………………………………..
JEONG CHUN PHUOC
Advocate in Big Compliance under CLI Framework.
He may be reached at jeongchunphuoc@gmail.com
(this is his personal view)