Skip to main content

E8-IBP-Australia Privacy Act

The policy aims to identify and manage sensitive information related to the Australian Privacy Act, such as driver's license and passport numbers, across various organisational platforms.

🧾 Policy Overview

  • 🧭 Name: E8-IBP-Australia Privacy Act

  • 🔐 Purpose: Detects the presence of information commonly considered subject to the Privacy Act in Australia, such as driver's license and passport numbers

  • 🛠️ Type: Data Loss Prevention (DLP)

  • 📦 Mode: Audit (TestWithoutNotifications)

  • 🧪 Simulation Policy: Yes

  • 📌 Status: Valid

  • 📋 Priority: 3

  • 🔑 Minimum Licensing Requirement: Microsoft 365 Business Premium

🎯 Detection Rules

✅ High Volume Detection

  • Triggers when ≥10 instances of either:

    • Australia Driver’s License Number

    • Australia Passport Number

  • Confidence Level: ≥75% (Medium)

  • Access Scope: NotInOrganization

  • Severity: High

  • Generates alerts and incident reports for SiteAdmin

  • Notifies: SiteAdmin, LastModifier, Owner

✅ Low Volume Detection

  • Triggers when 1–9 instances of the same identifiers

  • Same confidence level and access scope

  • Severity: Low

  • Sends notifications (no alerts or incident reports)

📍 Coverage Scope

Applies to:

  • Exchange (emails)

  • SharePoint

  • OneDrive for Business

  • Teams

  • On-Premises Scanner

Targets all locations within these services.

🧩 Technical Flags

🏷️ Supports Scope Tags: ✅ Yes
📦 Version: 1
🔁 Enforcement Planes: Not defined
🔑 Licensing Requirement: Not specified


Related Articles
E8-IBP-Australia Financial Data
E8-IBP-PCI Data Security Standard (PCI DSS)
E8-IBP-Australia Health Records Act (HRIP Act)
Did this answer your question?