In Australia, an extension to our privacy legislation is just about to come into force. The Notifiable Data Breaches scheme is an amendment under the Privacy Act 1988.
The Notifiable Data Breaches scheme is applicable, broadly, if the entities turnover is greater than $3 million in a given year. So there is an assumption that any entity under that threshold is not required to comply.
However, in the Privacy Act 1988, there is an exception that is you are an organisation that, in any way, handles an individual’s Tax File Number, then this scheme does apply to that entity.
Its not well known at all. In fact, it’s a section of the Act that very few individuals know exist or understand.
The issue is I service boutique accounts, legal professionals, engineering consultancies that are small by definition but now need to comply with the Notifiable Data Breaches scheme.
Most of my clients are on Office 365 Business Premium. Yes that comes with the Security and Compliance Centres but it does not include DLP.
These clients have to have DLP in place to ensure that they comply with the Notifiable Data Breaches scheme.
My question is, is there any add-on available, that can extend DLP to the Business Plans? Or do they simply have to migrate to an E3 license?
Any assistance or discussion wold be appreciated.
Notifiable Data Breaches scheme
