Services
Affected Platforms
Summary
Microsoft Purview introduces a new guided diagnostics experience for Data Loss Prevention (DLP) to help admins troubleshoot policy issues with clearer visibility and Security Copilot-powered insights for eligible tenants. Available from mid-May 2026, it enhances monitoring without changing enforcement or user workflows.
Details
Introduction
Microsoft is introducing a new guided diagnostics experience in Microsoft Purview Data Loss Prevention (DLP) to help administrators diagnose and resolve DLP policy issues more efficiently. This experience provides clearer visibility into how DLP policies are evaluated, which conditions are matched, and what actions are taken. For eligible tenants, Security Copilot‑powered insights offer recommendations to support troubleshooting and policy optimization.
This message is associated with Microsoft 365 Roadmap ID 561032.
When this will happen
- Public Preview: Mid‑May 2026 – Mid‑June 2026
- General Availability (Worldwide): Late June 2026 – July 2026
How this affects your organization
Who is affected
- Microsoft 365 administrators who manage Microsoft Purview DLP policies
- Commercial tenants
- Security Copilot‑powered insights are available only to customers with eligible Microsoft 365 E5 and Copilot licensing
What will happen
- A new guided diagnostics experience will be available in the Microsoft Purview portal to help troubleshoot DLP policy behavior.
- The diagnostics will be available to all users who have permission to view DLP policies.
- Admins will see a new guided diagnostics experience in the Microsoft Purview portal for troubleshooting DLP issues.
- Diagnostics provide visibility into:
- DLP policy evaluation order
- Conditions that were matched
- Actions taken (allow, block, audit)
- Eligible tenants will receive Copilot‑powered insights and recommendations to assist with:
- Identifying potential policy misconfigurations
- Troubleshooting DLP behavior
- Policy optimization
- Existing DLP policies and enforcement behavior are not changed.
- There is no impact to user workflows.
What you can do to prepare
No action is required.
Optionally:
- Review internal DLP troubleshooting documentation and update it to reference the new diagnostics experience.
- Ensure security and compliance teams are aware of the new diagnostics flow in the Microsoft Purview portal.
- Review Copilot licensing to understand availability of Security Copilot‑powered insights.
(Documentation links will be provided once public preview documentation is available.)
Compliance considerations
| Question | Answer |
| Does the change introduce or significantly modify AI/ML or agent capabilities that interact with or provide access to customer data? | Yes. The guided diagnostics experience includes Security Copilot-powered insights and recommendations for eligible tenants. These insights analyze existing DLP configuration data and diagnostic metadata to help administrators understand policy behavior, troubleshoot issues, and identify opportunities for policy optimization. No new customer content sources are introduced, and Copilot does not change DLP enforcement decisions. |
| Does the change alter how admins can monitor, report on, or demonstrate compliance activities (for example, in Microsoft Purview reporting or diagnostics)? | Yes. The new guided diagnostics experience enhances how administrators can monitor and understand DLP policy evaluation, including visibility into evaluation order, matched conditions, and resulting actions. This improves troubleshooting and compliance validation workflows without changing audit logs or enforcement behavior. |