Crowe Malaysia
RISK CONSULTING

Personal Data Protection Act 2010 (PDPA)

Protect your business & customer data

End-to-end PDPA compliance solutions


Implemented on 15 November 2013, Malaysia's Personal Data Protection Act (PDPA) establishes a legal framework to regulate commercial handling of personal data with the objective of protecting individual privacy rights by controlling how personal data is collected, used and disclosed.

Frequently asked questions (FAQs)


FAQ Section

Cables Technology

What is PDPA?

The Personal Data Protection Act 2010 (PDPA) is Malaysia's data privacy law regulating how businesses process personal data in commercial transactions.

Key 2025 Updates:

  • Higher Penalties: Fines up to RM1 million (from RM500K) and 3 years' jail (effective 1 April 2025)
  • Stricter Rules: Now covers data processors (e.g., vendors, cloud providers) and pseudonymized data
  • Appointment of Data Protection Officer 
  • Mandatory data breach notification.

Our PDPA compliance services:


  1. Gap analysis & roadmap development: Identify compliance gaps against PDPA’s 7 Principles and create a tailored implementation plan.
  2. Framework development: Design policies, roles and procedures for data protection.
  3. Compliance audits: Assess systems and processes against PDPA standards.
  4. Training & awareness programs: Educate staff on PDPA requirements and best practices.

Need PDPA compliance support?

Contact us today for a free consultation.

Related Services

Accounting advisory

Complexity is our specialty. Work with teams that understand all facets of your accounting needs – from complex reporting requirements to strategic transactions to finance transformation.

Explore more

Tax compliance

Minimise the disruption of tax compliance. Our specialists can identify tax opportunities, while improving overall efficiency and delivering accurate tax returns.

Explore more

ESG services

Sustainability is our focus. Partner with experts offering tailored ESG solutions, from strategy to compliance and reporting to helping your business meet its goals and drive value.

Explore more

Accounting advisory

Complexity is our specialty. Work with teams that understand all facets of your accounting needs – from complex reporting requirements to strategic transactions to finance transformation.

Explore more

Tax compliance

Minimise the disruption of tax compliance. Our specialists can identify tax opportunities, while improving overall efficiency and delivering accurate tax returns.

Explore more

ESG services

Sustainability is our focus. Partner with experts offering tailored ESG solutions, from strategy to compliance and reporting to helping your business meet its goals and drive value.

Explore more

Our latest thinking and news

loading gif
ransomware attack protection
What KLIA’s US$10 Million Ransom Demand Tells Us About Cyber Risk Today
KLIA's $10M ransomware attack exposes growing cyber risks. Learn 9 critical strategies to protect your business from costly breaches.
National Sustainability Reporting Framework (NSRF)
National Sustainability Reporting Framework (NSRF)
The NSRF updates Malaysia’s ESG reporting with phased implementation starting in 2025.
Board of directors reviewing Technology Risk Management (TRM) framework and cybersecurity policies for compliance with new guidelines
Navigating the New TRM Guidelines: Ensuring Cybersecurity Compliance for Capital Market Entities
New TRM Guidelines by the SC require capital market entities to establish robust cybersecurity and technology risk management frameworks.
ransomware attack protection
What KLIA’s US$10 Million Ransom Demand Tells Us About Cyber Risk Today
KLIA's $10M ransomware attack exposes growing cyber risks. Learn 9 critical strategies to protect your business from costly breaches.
National Sustainability Reporting Framework (NSRF)
National Sustainability Reporting Framework (NSRF)
The NSRF updates Malaysia’s ESG reporting with phased implementation starting in 2025.
Board of directors reviewing Technology Risk Management (TRM) framework and cybersecurity policies for compliance with new guidelines
Navigating the New TRM Guidelines: Ensuring Cybersecurity Compliance for Capital Market Entities
New TRM Guidelines by the SC require capital market entities to establish robust cybersecurity and technology risk management frameworks.

We are here to help

Working together we can help you successfully adapt and overcome the challenges you may face, both today and in the future.
Amos Law Chih Chien
Amos Law
Partner, Risk ConsultingKuala Lumpur
Tan Loon Hean
Loon Hean Tan
Partner, Risk ConsultingKuala Lumpur