Speaker 1: So unfair question from Stevie, let's see. Do you know when Google Drive will offer regions and data governance for the AU region currently installs data in any of their data centers? Great question, Stevie, I do not know that personally, if I did know and couldn't tell you, I would say I can't tell you. But I don't know. What I will say, though, is depending on what industry you're in, and I've had many discussions with financial services industry, with legal industry, with healthcare industry, what most people are concerned about when they ask this question is, am I complying with the Australian privacy principles laws? Now, hashtag, I'm not a lawyer, hashtag, this is not legal advice. But what most people are curious to know is, can I store patient records? Can I store financial information? Can I store people's Medicare numbers? Can I store people's credit card numbers in Google Drive, or in Google Documents, if that data is in locations outside of Australia, and hashtag, I'm not a lawyer. But from all of my research, and from the advice that we have received, it's absolutely fine and completely compliant to store data in the Google ecosystem, even though the data centers are not necessarily in Australia. Now, the confusion with that with the Australian privacy principles is that typically people think, Oh, well, it's it's got to stay in Australia, because that is the regulation. But I've read the acts. And I've read all of the regulations. And what they actually say, is that you need to take reasonable steps to maintain that data and reasonable steps to protect the data of your customers. Now, this generally applies globally. If you're in Europe, you've got GDPR, if you're in the US cannot remember off the top of my head the Privacy Act that you're bound by. But generally, these principles apply globally. But specifically for Australia and the Australian privacy principles, what it means is that you have to make sure that you're you're doing your best to protect the data, meaning you have data retention policies and data protection policies in place. I'll circle back to that number two, any third party processes or anyone who is helping to store the data on your behalf, you need to make sure that they are responsible parties as well. IE, if you are relying on Google to either transmit or store or do something with the data, some kind of processing, which they are by you putting it in a Google Sheet, or you putting it in a file in Google Drive, then you need to ensure that they have the correct, let's say checks and balances in place and anywhere in transit as well. And so you know, you can't just leave it on a USB stick or something like that you are still responsible. Now, in Australia, under the Australian privacy principles, if you are a organization with more than 2 million Australian dollars in revenue, you are bound by these rules. And you need to basically submit notice of any breaches to the Australian Information Commissioner. And they are basically the information police, and you have to declare hey, I've had a data breach and customers information or people's personal information has been shared. And you know, whether they haul you off to jail or you know, whatever consequences you have, that's then on you. But if you are a smaller business less than $2 million of revenue, and in certain industries, you may also have these restrictions apply to you as well. Now, does that mean that you can go and put all of your data and all of your records in Google Drive straight away? Well, not necessarily. And that's why I say get your own advice on this, which is industry specific. Because if you're, for example, a financial institution, or you're dealing with financial institutions, like maybe you're a finance broker, some organizations that you deal with will have their own policy. And some of them will say the data must be in Australia. For example, some Australian banks and some Australian insurance agents will sell underwriters will say, the data must be in Australia full stop. And it's kind of like wet, wet signatures versus digital signatures. Digital signatures have been upheld in the Supreme Court in the High Court of Australia or the federal court, whichever the highest court is that we have here. Yet, some or most banks still require a wet signature because it's just their policy. So you've got to check your policies. Now I said I was going to circle back to you making sure that you protect data inside your Google account. And here's where it comes down to Google Workspace. And it becomes very important now for you to ensure that you are complying with a rule like this, the general consensus is that you need to be making every effort available to you to protect the data of your customers protect their personal information, protect any financial information, protect any Medicare card numbers, or anything of the sorts. Now Google Workspace has some pretty cool tools built in, you can go into the admin panel, and you can tick a couple of boxes. And that will actually allow you to switch on HIPAA certifications and a bunch of us based protocols, or there is the GDPR protocol for Europe, if you go in and take those compliance measures inside administration panel, it's going to switch on a bunch of things. But there is also an implementation checklist, which will allow you to go even further. And that is enabling some of the enterprise features like data loss prevention. Now data loss prevention is our strong recommendation for any business in the legal, financial services, or healthcare industries, and insurance as well, I would I would, I would extend it to there as well. And what data loss prevention allows you to do is set certain policies and protocols for how data is handled, and how potential data breaches can be stopped in their tracks inside Google Workspace. The awesome thing about DLP for short, is that if one of your team members accidentally cuts and pastes a customer's credit card number, or their Medicare number, or if you're in the US or social security number into an email, and they hit send on that email, that email will be quarantined before it even goes out of your business. Pretty cool, huh? It will also give you reports on any of those numbers that may be stored in plain text in documents. It's not compliant in most places to have credit card numbers stored in plain text, they should be either tokenized, or they should be, you know, obfuscated in some way. And so the data loss prevention tools, which are only available in the enterprise plans for Google Workspace, are highly recommended for those working in those industries, or anyone in Australia, at least if if you're doing more than $2 million a year in rev in revenue, then you have more stringent rules applied to you and how you handle your customers personal information and data. And remember that it may just be first name, last name and date of birth. That is personal information that could potentially constitute a breach that needs to be a reportable breach. My recommendation is to get your own advice on how your business needs to be protected from a legal standpoint. So talk to your consultants about that. But for the technical implementation, well, we know what we're doing with that. If you'd like some help from our company, it genius, we've done this for probably 40 or 50 organizations, mostly in the healthcare industry to implement data loss prevention to implement third party backup tools. So the data is securely encrypted outside of Google's ecosystem as well. So you can tick all the boxes and say, Hey, I've done absolutely everything that I can to protect my customers data. And then you know, should the Information Commissioner come after you if there is some kind of data breach, or you have to make an insurance claim to your cyber insurance that you've had a data breach that you can show Hey, you know, I've done everything. And here's the checklist that it genius went through to implement all of the security features available to me in the Google Workspace ecosystem. Don't forget to like and subscribe if you enjoyed this content. And if you need more help with your Google Workspace account, there's four ways that we can help. Number one, join our free community group where others in the community help support each other with the Google Workspace accounts. And I'm in there from time to time answering questions as well. Number two, take advantage of our free transfer in offer to get a bunch of additional value for your workspace account just for transferring your billing over to it genius. Number three, you can take advantage of a free consultation if you qualify or an IT systems check and audit for everything technology in your business. Number four, if you need help right now, you can either join our concierge program or book a one time fix it service to get support from our professional support team for everything workspace and the Google ecosystem. See you in the next one. Transcribed by https://otter.ai