PUTRAJAYA, Nov 3 2017 : The Personal Data Protection Department (JPDP) will act more aggressively in monitoring data processing misuse in commercial transactions to prevent the public from becoming victims of cyber crime.
Its commissioner Khalidah Mohd Darus said in line with the enforcement of the Personal Data Protection Act 2010 (PDPA) (Act 709) earlier this year, the department was currently conducting a compliance audit of companies from 13 business sectors involved with the processing of personal data in commercial transactions.
The business sectors are communication, banking and financial institutions, insurance, health, tourism and hospitality, transportation, education, direct sales, services, real estate, utilities, pawn brokers and money lenders.
“All 13 business sectors using consumer personal data are required to register their business under JPDP,” she told Bernama after a briefing on the Personal Data Protection Act 2010 to representatives of private and government agencies here, yesterday.
According to her, when the Personal Data Protection Act was first passed by Parliament in 2010, various awareness programmes for users and advisory sessions for companies involved with personal data collection were held.
“So in 2017, the year the Act comes into enforcement, it is hoped that all parties would take seriously the importance of protecting personal data,” she said.
She said more than 13,000 companies had registered with the department; however, about 30 per cent of companies did not.
“They are reminded to register with the JPDP before the department’s personnel come to their premises to enforce the law through Ops 336 currently underway.
“As of this year, we have conducted inspections and audits at 32 organisations that implement the seven principles of PDPA, as well as received 220 complaints from the public,” she said.
Of the 220 complaints, 17 investigation papers were opened and court sentences meted out to three of the cases which involved fines totalling RM40,000, she added.
Khalidah said among the offences committed by the companies were abuse of consumer personal data, not possessing a registration certificate, and unauthorised processing of personal data.
“The offences were done by companies involved in the education and tourism sectors as well as private employment agencies,” she said.
In line with current technological advances, Khalidah said JPDP was planning to add two more business sectors into the fold, namely the automotive and e-hailing service sectors to be registered with the department next year. – Bernama