Understand Microsoft Purview Communication Compliance
Organizations face growing challenges when it comes to maintaining appropriate workplace communication. From harassment and insider threats to regulatory violations and reputational damage, a single message can create serious issues. Microsoft Purview Communication Compliance helps reduce those risks by giving you tools to detect, review, and respond to potentially inappropriate messages across Microsoft 365 and supported non-Microsoft platforms.
Communication Compliance is part of the Microsoft Purview insider risk solution set. It helps organizations enforce internal policies and standards. Authorized users can identify and respond to messages that might include threats, harassment, offensive content, or the sharing of sensitive or regulated information.
What does communication compliance do?
Communication Compliance uses machine learning classifiers, keyword and phrase detection, and flexible conditions to identify risky or inappropriate messages. These messages can appear in Microsoft Teams, Outlook email, Viva Engage, and Microsoft 365 Copilot and Copilot Chat. Communication Compliance can also analyze imported messages from supported non-Microsoft platforms, such as WhatsApp or Instant Bloomberg.
Examples of what it can detect include:
- Harassment and abusive language
- Discriminatory or profane content
- Inappropriate images
- Conversations about sensitive projects such as mergers or leadership changes
- Communications that might violate financial regulations
After a message is flagged, it's routed to authorized reviewers who can investigate and take action. No actions are taken automatically. Human review is always required.
Why use communication compliance?
Communication Compliance can help your organization:
- Detect violations of internal communication policies
- Identify early signs of insider risk
- Support regulatory obligations through oversight and documentation
Unlike data loss prevention, which focuses on protecting sensitive information, communication compliance addresses the language, tone, and intent of messages that might lead to policy violations or risk exposure.
If your organization is required to review internal communications for compliance with industry regulations, Communication Compliance can help fulfill those obligations.
Watch the video to learn how to fulfill regulatory compliance requirements with communication compliance:
How does it work?
Communication Compliance is designed with privacy and responsible AI principles in mind. It supports:
- Machine learning classifiers that prioritize accuracy and minimize false positives
- Prebuilt policy templates for common scenarios
- Remediation workflows that allow investigators to notify users, tag content, or escalate incidents
- Pseudonymization to limit bias during investigations
- Role-based access control to define clear responsibilities for configuring and reviewing policies
What's next?
To use communication compliance effectively, you need to make a few decisions up front. These include determining your communication channels, assigning the right roles, and setting expectations for how flagged messages will be handled. You'll explore these requirements in the next unit.