MySejahtera data fully owned by govt, Khairy says it again
31 Mar 2022 08:53pm
I hope the people would continue to use MySejahtera without any doubts, Khairy Jamaluddin says on MySejahtera
KUALA LUMPUR - The data and information acquired from the usage of MySejahtera application is fully owned by the government of Malaysia, the Dewan Negara was told today.
Health Minister Khairy Jamaluddin said the matter is among the key terms in the non-disclosure agreement (NDA) between the National Security Council for the government and KPISOFT on April 1, 2020.
Therefore he gave assurance that all data kept in the database of MySejahtera is protected and is only for the control of the pandemic by the Ministry of Health (MOH).
"In this regard, the usage and management of MySejahtera data are subject to the Prevention and Control of Infectious Diseases 1988 (Act 342) , the Medical Act 1971 (Act 50) and international standards.
"Apart from that the transaction data from MySejahtera application uploaded into the cloud server network daily can only be accessed for the usage of MySejahtera application as well as the supporting applications related to COVID-19 pandemic only,” he said when winding up the motion on MySejahtera application at Dewan Negara today.
On the security of the application and data, he said the Malaysian Administrative Modernisation and Management Planning Unit (MAMPU) and the National Cyber Security Agency (NACSA) are conducting various tests to ensure the application is safe and passed the penetration and vulnerability test before it was launched.
Apart from that, he said NACSA also conducts monthly security audit periodically and carried out penetration tests as well as audit trails to the server keeping MySejahtera data.
"If anyone attempts to log in and take data from our server, we will know who had logged in the data,” he said.
NACSA via the Cyber Coordination and Command Centre (NC4) also monitors security continuous on MySejahtera to detect any intrusion apart from reviewing the MySejahtera application operator company had also received the ISO270001 (ISMS) standard.
He said the standard is the specification recognised internationally for Information Security Management System covering policies and information security management, physical security and surrounding, communication security and human resource security.
"Based on these facts I want to emphasis that each data and information acquired via MySejahtera application is completely under the control of the government and its security and secrecy is assured.
"I hope the people would continue to use MySejahtera without any doubts and health ministry is always monitoring so that this aspect is not compromised,” he said,