“Can my lecturer access my personal information?” – And Other Issues of Data Protection at the Higher Learning Institutions 

By: Sonny Zulhuda 

In the past week alone, I spoke about the personal data protection law at two Malaysian public universities; Universiti Sultan Zainal Abidin (UniSZA) Kuala Terengganu and Universiti Malaysia Pahang (UMP) Pekan. While the former was an internal programme, the latter talk was attended by other public universities’representatives who were members of Majlis Tatatertib dan Disiplin Universiti-universiti Awam Malaysia (MATDUM).

In this post, I would like to note some discussions we had on the implementation of the Personal Data Protection Act 2010 at the University environment.

IMG_20170319_095449

The education industry is indeed among those where personal information is highly processed. The data subjects include students (prospective, actual and graduates), university’s employees, as well as any individuals involved in the data processing.

Continue reading

Advertisements

PDP Law Compliance for Educational Institution

By: Sonny Zulhuda

Educational institutions -universities, colleges, schools, etc.- are among those who are regulated by the Personal Data Protection Act (PDPA) 2010. The data subjects include: students (obviously the main object here), staffs or employees, vendors, alumni, sponsors, as well as those applicants who have yet join the universities/schools.

The amount of personal data are potentially bulky: personal details, medical records, financial and scholarship records, academic records, student societies records, disciplinary records and even post-study information about the students. Given this situation, people who deal with students’ data in the educational institutions would need to ensure their handling of personal data is in line with the demands of the Act.

In introducing the subject matter to the community in the University, I will be speaking in this following workshop, together with my friend Noriswadi Ismail from Quotient Consulting Sdn Bhd and PDP Academy LLP, and Dr. Federico Feretti from Brunel Law School, London, UK.

Banner PDP Workshop AIKOL 28052014 (4)

Do-Not-Call Registry (DNCR) to Protect Personal Data?

By: Sonny Zulhuda

In March, I featured in The Sunday Star (9/3/2014) reporting on the need to establish a “Do not call registry” to protect people’s personal information. The main issue discussed was to scrutinize an initiative to have a DNCR and its operational and legal challenges. The full report can be traced here.

Image

 

The question that was posed to me was: (1) How good is the idea of DNCR for Malaysian consumers? AND (2) Do you foresee any issues that might arise when they  implement this?

Here are my comments:

  • The PDPA 2010, unlike Singapore’s law, does neither provide nor mandate specifically about Do Not Call (DNC) registry.
  • Nevertheless, DNC registry is an advanced step towards protecting individuals personal data, therefore it is highly commendable. It does require a carefully-structured procedure and rules. Continue reading

Personal Data Protection Act & Information Assurance – at ISACA Evening Talk

By: Sonny Zulhuda

I will be speaking on the above topic this week (Tuesday, 18th February 2014) to  IT Governance professionals affiliated under the ISACA Chapter Malaysia. I was informed at least one hundred people will be attending.

ISACA Feb 2014This will be my first speech on PDPA after the lapse of 3-month grace period set up by the PDP authority in Malaysia. I can foresee the level of enthusiasm from participants is high.

Details are here: http://www.isaca.org/chapters3/Malaysia/Documents/Talk%20-%20PDPA%20-%20Feb%202014%20FINAL.pdf

Here is the home page for the Chapter: http://www.isaca.org/chapters3/Malaysia/Pages/default.aspx

  • October 2017
    M T W T F S S
    « Jul    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  
  • Visitor

    free counters

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,574 other followers