Yale University is Transitioning to Microsoft Purview for Data Loss Prevention (DLP)

August 27, 2025 by James Tucciarone III
Topic:
  • Announcements

Beginning September 2nd, Yale University will begin transitioning from Forcepoint to Microsoft Purview for Data Loss Prevention (DLP). This strategic shift will enhance how we protect sensitive data, decrease cost, and  better integrate with our existing Microsoft 365 environment.

 

Why the Change?

Microsoft Purview provides modern data protection that aligns with Yale’s ongoing efforts to strengthen information security, streamline compliance, and reduce risk. Microsoft Purview helps ensure that confidential university data stays secure.

How Microsoft Purview DLP Works

Microsoft Purview detects and prevents the accidental sharing of sensitive data such as Medical Record Numbers (MRNs) and Social Security Numbers (SSNs).

Yale’s DLP currently looks for Medical Record Numbers (MRNs) and Social Security Numbers (SSNs).

You will receive a message from the DLP tool when handing MRNs or SSNs in a way that could cause them to be exposed. DLP will alert when it detects one of the following activities:

  1. Sending MRNs or SSNs via email.
  2. Printing files containing MRNs or SSNs.
  3. Transferring files containing MRNs or SSNs to an unsecure hard drive or network share.
  4. Uploading files containing MRNs or SSNs to an unapproved web service.

These protections are applied in the background, and in most cases, users will only see a friendly notification if they’re about to share something that may be sensitive.

What’s Changing for You

  • You’ll notice pop-up notifications in Outlook for Windows and Outlook on the Web. Other notifications will appear as desktop notifications when printing or transferring sensitive data to a network share or USB.
  • The Forcepoint endpoint agent will be removed from university-managed devices during the transition.
  • No action is required on your part — policies will be enforced centrally by Yale Information Technology Services (ITS).

Frequently Asked Questions (FAQs)

  • DLP stands for Data Loss Prevention. It’s a set of technologies and policies that prevent sensitive information from being shared inappropriately or leaving the organization unintentionally.

    Yale has had DLP implemented for many years. We are switching our DLP tool from Forcepoint to Microsoft Purview.

  • Microsoft Purview DLP protects Social Security numbers (SSNs) and Medical Record Numbers (MRNs).

  • In most cases, no. If you try to share protected data, you may see a warning or be blocked. These messages will guide you through compliant alternatives.

  • No. DLP scans data for MRNs and SSNs automatically and securely.

  • Some DLP policies allow overrides with a business justification. Others may be strict, based on the sensitivity of the data. These settings are designed to balance security with productivity.

  • In most circumstances, sending, printing or saving high-risk data must be avoided. However, there are circumstances where this action may be appropriate.

    Make sure to review the full contents of the file you are sending. Often, additional files can be embedded containing data of which you weren’t aware. A common example is when an Excel file is embedded in a PowerPoint presentation. Even though the data in the spreadsheet is not visible in the presentation, it can still be extracted. For help locating or removing these files, contact the ITS Help Desk or your local IT support provider.

  • Contact the ITS Help Desk at 203-432-9000 or helpdesk@yale.edu.

  • Forcepoint will be removed before Purview is enabled. We anticipate Forcepoint will be completely phased out by end of December 2025.

Need Help or Have Questions?

Contact the ITS Help Desk at 203-432-9000 or helpdesk@yale.edu.