Data Residency
The requirement that personal data be stored within specific geographic boundaries.
Data residency mandates that personal data be stored on servers physically located within a defined jurisdiction. Malaysia's PDPA 2010 restricts cross-border data transfer to countries with adequate data protection laws (a whitelist maintained by the Minister). MOVO-X hosts Malaysian patient data in Supabase Singapore (ap-southeast-1) — a jurisdiction recognised as adequate — with envelope encryption using keys stored in AWS KMS ap-southeast-5 (Malaysia region, when available).
Malaysian Context
The PDPA (Amendment) Bill 2024 is expected to strengthen cross-border transfer rules. MOVO-X's Singapore data residency already complies with the proposed tightened requirements.
Related Terms
PDPA 2010
Personal Data Protection Act 2010 — Malaysia's primary data privacy law governing all healthcare data.
Encryption at Rest
The encryption of stored data so it cannot be read if storage media is physically compromised.
Data Protection Officer (DPO) — Malaysia
A qualified person responsible for overseeing PDPA compliance within an organisation.
Use MOVO-X for Data Residency
MOVO-X is Malaysia's leading platform for data residency in hospitals and clinics. PDPA 2010 compliant, PHFSA 1998 compliant, MyKad NFC ready.