The law to protect Indonesian Citizen's sensitive data
As of October 17, 2022, Indonesia has passed a law that regulates the protection of personal data, namely UU No. 27 Tahun 2022. This law impacts how organizations process and protect their data, especially personal data, and how they design and implement their cybersecurity. Through this law, the government hopes that the number of data breaches in Indonesia will decrease and the public will become more aware of how other people use and process their data or even increase public awareness of security in this digital era, so that cyber crimes can be reduced.
PDPL compliance is based on the Security Principal of Data Protection
Data Protection refers to the safeguarding of personal information. It involves a set of rules and regulations that dictate how personal data should be collected, handled, and stored to ensure its confidentiality, integrity, and availability. The purpose of data protection is to protect individuals from the unauthorized or unlawful processing of their personal data, as well as from the accidental loss or destruction of that data. This can include measures such as encryption, secure backups, and access controls to limit who can view or modify the data.
Data Protection Implementation Resources
- UU No. 27 Tahun 2022
- ENG-UU No 27 Tahun 2022 Perlindungan Data Pribadi (by ABNR)
- UU No. 16 Tahun 2016 - ITE
- UU No. 11 Tahun 2008 - ITE
- 2022 Indonesian Data Protection Law overview - Lexology
- Q&A The Data Protection Legal Framework in Indonesia - Lexology
- PDP Law and Data Breach Notification Requirements in Indonesia - Lexology
- Indonesia: The Personal Data Protection Law is finally here. What does that mean for your business? - Lexology
- POJK 22 Tahun 2023 - Perlindungan Konsumen
- Peraturan Menkes No 24 Tahun 2022 - (Digitalisasi) Rekam Medis
- UU No 17 Tahun 2023 tentang Kesehatan
- Legal Bases for Processing Personal Data - Data Protection Commission