Responsible Information Sharing

Get ready for PRIS compliance by implement a core set of controls to prevent accidental sharing of personal information and other sensitive data types such as financial or labelled documents across Microsoft 365 workloads and endpoint devices.

In today's rapidly evolving digital environment, organisations are amassing vast quantities of data across multiple platforms, including Microsoft 365. Whilst data is an invaluable asset, it also presents a significant risk if not properly governed and secured.

Departments will need to comply with The Privacy and Responsible Information Sharing Act 2024 (PRIS Act) which aims to protect the personal information of Western Australians and facilitate the responsible sharing of government information.

c2pr developed a framework to simplify the quantification of sensitive data and then use Microsoft Purview’s Data Loss Prevention (DLP) and Insider Risk capabilities to mitigate sharing violations.

How to we aproach responsible sharing?

We implement non-intrusive controls requiring acknowledgement or business justification when sharing sensitive information.

We help educate users on responsible sharing with context specific tool tips and recommending labelling when documents contain sensitive data.

We extend protection to endpoint devices, web browsers and Generative AI to copying and uploading of sensitive data.

Laslty, we leverage built-in Microsoft 365 Purview capabilities to do more with your current investments.

In Scope

We offer a standard scope (extendable on request) to rapidly establish a baseline for responsible sharing controls.

Technical support concept, business person touching helpdesk icon on screen, hotline assistance service available by phone, chat, email or online to solve incident with computer software, smartphone

Identify data types to protect

Identify conditions for classifying documents as High Value Content (HVC) or Medium Value Content (MVC) containing Australian personal & financial data and identification of standard document types (Trainable classifiers)

Define user stories based on HVC and MVC mapped to required protection measures.

Recommended labelling of documents containing HVC & MVC.

Policy templates

We leverage our library of pre-created templates to create granular policies with consistent configurations.

Deploy policies in simulation mode to review impact before starting phased deployments.

Two professionals in formal attire examine and interact with flowing digital wave on colorful background, representing data science

Deploy policies covering

E-mail, SharePoint, OneDrive & Teams

Endpoint devices: Monitor uploads to web sites & Genenerative AI, USB drives, printing & unapproved applications.

Manage threats posed by insiders.

We leveraged our standardised approach to implementing DLP as a framework for quantifying what data matters to you. By focusing on your most important assets we achieve measurable outcomes.