AeHIN
Malaysia’s framework for health data governance centers on the Personal Data Protection Act (PDPA) of 2010, which recognizes health data as sensitive information, along with the Telemedicine Act of 1997, which mandates patient consent for telehealth interactions. Data protection, privacy, and data security are reinforced under the PDPA, while the Private Healthcare Facilities and Services Act of 1998 sets quality standards in healthcare services. The pending Cybersecurity Bill could enhance protections, but Malaysia lacks specific laws for digital health and interoperability. Strengthening regulations around data sharing and inclusivity would support a more robust governance approach.