Australian Government Email Protective Marking Standard (EPMS)

What is EPMS?

Text

The Australian Government Email Protective Marking Standard (EPMS) is a set of requirements that organizations must follow in order to protect sensitive and classified information that is sent or received by email.

According to the Email Protective Marking Scheme, governmental agencies must ensure that all official emails are marked with a protective marking that identifies the maximum classification and protection requirements for that information.

The EPMS v2018.6 was updated on 30 January 2023. The new Email Protective Marking Standard introduces a number of changes from the previous standard, including: 

Security classifications 

Caveat requirements 

Requirements for email 

Penalties for non-compliance 

Text

Aggregated data, data used for household/domestic purposes, and publicly available personal data are outside the scope of the DPDP Act. 

What is sensitive or classified information?

Text

The EPMS defines sensitive or classified information as information that, if disclosed, could have a negative impact on the national security, economic interests, or public safety of Australia. Sensitive or classified information can include the following:

  • Information about government policies or programs
  • Information about military or intelligence operations
  • Information about trade secrets or other confidential business information
  • Information about personal or financial information 

Fortra’s Digital Guardian can help you comply with EPMS

Fortra's Digital Guardian can assist organizations in complying with the EPMS by providing a comprehensive data protection solution that addresses the specific requirements for managing and safeguarding sensitive information transmitted via email. Here’s how it helps:  

Policy Enforcement

Digital Guardian ensures that only emails with correct protective markings are sent, and it prevents the accidental sharing of sensitive or classified information without proper security measures, reducing the risk of non-compliance.

See Digital Guardian DLP in Action

GET A DEMO