Discovered and classified sensitive data, then rolled out DLP in audit mode first so protection did not frustrate clinical work.
Context
A healthcare organisation needed to know where sensitive data lived and to stop it leaking, without getting in the way of clinical staff.
Approach
We started with discovery and classification in Microsoft Purview, applied sensitivity labels, and rolled out data loss prevention in audit mode first, tuning before enforcing.
- Data discovery and classification
- Sensitivity labels that travel with the data
- DLP rolled out in audit mode, then enforced
Outcome
Sensitive data became visible and protected, with controls mapped to the organisation's obligations. Anonymized to protect client confidentiality.