Learn about named entities
Named entities are sensitive information types (SIT). They're complex dictionary and pattern-based classifiers that you can use to detect person names, physical addresses, and medical terms and conditions. You can see them in the Microsoft Purview compliance portal > Data classification > Sensitive info types. Here is a partial list of where you can use SITs:
- Microsoft Purview Data Loss Prevention policies (DLP)
- Sensitivity labels
- Insider risk management
- Microsoft Defender for Cloud Apps
- Microsoft Purview Information Protection
- Data Lifecycle Management
- Records management
- Microsoft Purview eDiscovery
- Microsoft Priva
- Exact data match sensitive information types
DLP makes special use of named entities in enhanced policy templates, which are pre-configured DLP policies that you can customize for your organizations needs. You can also create your own DLP policies from a blank template and use a named entity SIT as a condition.
If you're not an E5 customer, you can try all the premium features in Microsoft Purview for free. Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.
Examples of named entity SITs
Named entity SITs come in two flavors, bundled and unbundled
Bundled named entity SITs detect all possible matches. Use them as broad criteria in your DLP policies for detecting sensitive items.
Unbundled named entity SITs have a narrower focus, like a single country. Use them when you need a DLP policy with a narrower detection scope.
Here are some examples of named entity SITs. You can find all of them in Sensitive information type entity definitions.
|All full names||will detect all possible matches of full names||bundled|
|All physical addresses||will detect all possible matches of physical addresses||bundled|
|All medical terms and conditions||will detect all possible matches of medical terms and conditions||bundled|
|Australia Physical Addresses||Detects patterns related to physical addresses from Australia. Included in All physical addresses SIT.||unbundled|
|Blood Test Terms||Detects terms related to blood tests, such as 'hCG'. English terms only. Included in All medical terms and conditions SIT||unbundled|
|Brand Medication Names||Detects names of brand medication, such as 'Tylenol'. English terms only. Included in All medical terms and conditions.||unbundled|
Examples of enhanced DLP policies
Here are some examples of enhanced DLP policies that use named entity SITs. You can find all 10 of them in the Microsoft Purview compliance portal > Data loss prevention > Create policy. Enhanced templates can be used in DLP and auto-labeling.
|Financial||U.S. Gramm-Leach-Bliley Act (GLBA) Enhanced||Helps detect the presence of information subject to Gramm-Leach-Bliley Act (GLBA), including information like social security numbers or credit card numbers. This enhanced template extends the original by also detecting people's full names, U.S./U.K. passport number, U.S. driver's license number and U.S. physical addresses.|
|Medical and health||Australia Health Records Act (HRIP Act) Enhanced||Helps detect the presence of information commonly considered to be subject to the Health Records and Information Privacy (HRIP) act in Australia, like medical account number and tax file number. This enhanced template extends the original by also detecting people's full names, medical terms and conditions, and Australia physical addresses.|
|Privacy||General Data Protection Regulation (GDPR) Enhanced||Helps detect the presence of personal information for individuals inside the European Union (EU) to help meet GDPR privacy obligations. This enhanced template detects people's full names and physical addresses for countries in the EU.|
For further information
- Sensitive information type entity definitions
- Learn about Sensitive information types
- Create a custom sensitive information type
- Create a custom sensitive information type in PowerShell
- Data loss prevention policies (DLP)
- Sensitivity labels
- Retention labels
- Communication compliance
- Autolabeling policies
- Create, test, and tune a DLP policy
- Create a DLP policy from a template