Demo Free trial Request quote Contact me

Personal Data Protection Act (Malaysia)

Privacy legislations

Data protection and privacy legislation are being implemented on a global basis, and according to the United Nations 107 countries have put in place legislation to secure the protection of data and privacy.

The new legislation regulates the collection, storage, processing, security, and use of personal data. And it creates obligations on organizations and individuals to ensure personal data of others from being abused, disclosed, or lost.

For organizations across the world, the data protection and privacy legislation being adopted has a significant impact, making it crucial for organizations to build capabilities for implementation, monitoring, and enforcement.  

Personal Data Protection Act

In Malaysia, all individuals and organizations that process personal data in their dealings must comply with the rules set out in the Personal Data Protection Act 2010 (PDPA). The main objective of PDPA protect an individual's personal information to be processed for the purposes of commercial transactions  Organizations that process personal data such as name, address id-card number, health information, and e-mail address are required to protect the data from any unauthorized access, disclosure or loss.

Something which can prove to be a challenge in today’s complex IT-environments that commonly consists of a combination, servers, routers, databases, applications, and more.  These systems are in various ways interconnected which means that security measures must be implemented throughout the IT-environment to be effective. In addition, to ensure the security of systems holding personal data, it is necessary to have a well-structured process that continuously verifies system resilience.

Read more about PDPA at

This is how we could help your organization to meet the security challenges of PDPA

Holm Security VMP (Vulnerability Management Platform) protects your organization by detecting vulnerabilities before any malicious individual or organization does. The platform includes vulnerability management for networks and websites, risk analyses for social engineering and a variety of tools that facilitate continuous safety work.

Identify and manage systems that hold personal data.
Asset management.
Pinpoint and manage your systems that keep personal data with our device administration function.
Leakage of personal data from systems.
Vulnerability management of networks and systems.
Our services Network Scanning and Web Application Scanning detects vulnerabilities in networks and systems that hold or are in relation to personal data.
Leakage of personal data from your users/employees.
Vulnerability assessment of the user.
Our Fraud Risk Assessment is used to measure and increase resilience to attempts to get your users to leak personal data.
Exposed personal data.
Web Application Scanning
Our Web Application Scanning service detects exposed personal data in web applications
Incident reporting.
Reports can be generated based on specific vulnerabilities for reporting to appropriate person or authorities.
Vulnerability exposure information to appropriate person/organization e.g. Cyber Security Office and authorities.
Automatic reports adapted for management and board.
Resolve vulnerabilities.
Vulnerability Manager.
Information and working tools to address vulnerabilities in systems related to personal data.