Article 30 Indonesian Data Protection Law 2020
Prevention of unauthorised processing
(1) The personal Data controller is obliged to prevent unauthorized Data Prito be accessed.
(2) The prevention as referred to in paragraph (1) shall be done by using the security system against the personal Data in process and/or processing the personal Data using the electronic system reliably, securely, andresponsibly.
(3) Prevention as mentioned in clause (2) is done in accordance with the provisions of legislation.