Skip to Content

MC1199763 Microsoft Purview | Data Security Investigations: Introducing new purge mitigation action

By: Author Alex Lim

Posted on

Categories Update

Home » Update » MC1199763 Microsoft Purview | Data Security Investigations: Introducing new purge mitigation action

Summary

  • A new purge mitigation action will be introduced in Microsoft Purview Data Security Investigations, allowing admins to delete sensitive or overshared content during investigations.
  • The feature is enabled by default, requiring no configuration changes from admins.
  • Admins can delete content based on investigation search queries to address data exposure.
  • Existing admin policies regarding data loss prevention, retention, and labels will still be respected.
  • No pre-rollout action is needed, though notifying security and compliance teams is advisable.

Admin Impact: Low
User Impact: Low
Release Start: 01 Mar 2026
Release End: 31 Mar 2026
Services: Purview
Category: Stay informed
Tags: New Feature, Admin Action

History

12/18/2025 Item Added to Message Center

Microsoft Message

Introduction

We’re introducing a new purge mitigation action in Microsoft Purview Data Security Investigations (DSI). This feature enables admins to quickly and efficiently delete sensitive or overshared content during investigations, directly within the product experience. The purge action complements DSI’s AI-powered capabilities—such as categorization, AI search, and risk analysis—helping organizations reduce data exposure and mitigate leaks faster.

This message is associated with Microsoft 365 Roadmap ID 542930.

When this will happen

  • Public Preview: Rollout will begin in early January 2026 and complete by mid-January 2026.
  • General Availability (Worldwide): Rollout will begin in early March 2026 and complete by late March 2026.

How this affects your organization

Who is affected: Admins using Microsoft Purview Data Security Investigations.

What will happen:

  • A new purge mitigation action will be available in the DSI interface.
  • Admins can delete content matching investigation search queries to mitigate oversharing or sensitive data exposure.
  • The feature is enabled by default; no configuration changes are required.
  • Existing admin policies (DLP, retention, labels) remain respected.

Screenshot 1: Data Security Investigations save search query for purge

Screenshot 2: Data Security Investigations purge queue

What you can do to prepare

  • No admin action is required before rollout.
  • Consider notifying your security and compliance teams about this new capability.
  • Update internal documentation if you detail DSI workflows.

Learn more:

  • Learn about Data Security Investigations
  • Use the mitigation plan in Data Security Investigations (preview)

Compliance considerations

No compliance considerations identified, review as appropriate for your organization.