CCTV data Protection Act Malaysia
Privacy Impact Assessment (PIA) – In the Light of the Data Protection Law in Malaysia
By: Sonny Zulhuda
Last time In May ’12, I was invited by the Federation of Public Listed Companies (FPLC) and the Malaysian Institute of Corporate Governance (MICG) to speak in their National Conference on IT Governance, Data Protection and Cyber Security.
I chose to speak about the importance of the Privacy Impact Assessment (PIA) as an implementing tool for complying with the data management rules and obligations under the law. The exact title of my presentation was “Privacy Impact Assessment for a Better Corporate Governance: The New Legal Landscape in Managing Corporate Data Assets.”
In fact, this was the first time I spoke about it. I just felt that people especially the corporate citizens need to be told in a more practical way on why and how they should comply with the laws on personal data management, i.e. the Personal Data Protection Act 2010 as far as Malaysia is concerned.
The PDPA itself is, of course, silent about this PIA. But that does not mean having or executing a PIA would be useless. PIA is indeed a very helpful organisational tool to ensure compliance with the law on data protection. Malaysian law is not excepted.
Just, what is PIA? PIA is an exercise where an organisation addresses series of accruing (potential or actual) privacy-related issues and concerns in relation to certain practices or activities in which that organisation is involved.
It is a series of practical sessions that aims not only at identifying the potential privacy concerns, but also at finding out solutions or alternative action. In relation to the PDP law, PIA is a helpful tool for data users (“data controllers”) to acknowledge possible breaches to the data protection rules and to reach at compliance.
Before this, we may have heard frequently about some other tools used by organisation in relation to personal data protection, such as “Compliance checklist”; “Data Protection Audit”; “Information Security Assurance” and so on and so forth. But those tools cannot precisely replace the PIA for their having narrower scope or too focused on certain aspects than others under the PIA.
PIA is more than just audit and compliance checklist. It covers a whole data life-cycle process, from planning, strategizing to execution. It is a part of a system of incentives, sanctions and review, and should be embedded in project workflows or quality assurance processes.
PIA serves some objectives, among others to expose and mitigate privacy risks; to avoid adverse publicity; to save money; develop an organisational culture sensitive to privacy; to build trust and last bot not least, to assist with legal compliance. In Malaysia, this legal compliance does not only target PDP Act 2010, but also other relevant acts such as the Companies Act 1965.
In the Conference I mentioned several scenarios where PIA would be helpful, among others:
Where your organisation outlines new strategic plan about launching a new product/service, question arises whether you should use the existing customers database to promote those new product/services.
When the boardroom is to decide about the use and installation of surveillance measures in the workplace such as installing CCTV or Internet traffic monitoring.
New Official and Authorized web get the Malaysia Visa before of travel for business or tourism,
You might also like
Try it without VZAccess managerby xunilsdrawkcab
Just manually enter the settings in a dial-up modem connection.
Verizon customer service can tell you your username and password. I think the number is *777#, or #777*, or something, then username is usually firstname.lastname@example.org, password "vzw"... or something similar, I quit using verizon last year so my memory is hazy...
the point being, sometimes just using windows' built-in connection manager works better than proprietary software...
google "verizon dun settings" for better info...
Verizon USB760 3G Prepaid USB Broadband Device
PC Accessory (Verizon)
VA releases internal audit summary of scheduling practices
FedScoop reported earlier this week that VA has known for more than a year of serious weaknesses in VistA's identity and access management controls, as well as the scheduling module's overall integration into the enterprise electronic health record system.
VZAccess Manager Software and User's Guide for BlackBerry 8130 and 8330
Single Detail Page Misc (Verizon Wireless)
Verizon Novatel Wireless Aircard USB-760
PC Accessory (MICRO HC MAC)
Verizon Wireless USB720 EVDO Rev A USB Modem (Verizon Wireless, Card Only, No Service)
Wireless (Verizon Wireless)
Verizon Wireless V740 ExpressCard by Novatel
CE (Verizon / Novatel)