Del via


Learn about named entities

Named entities are sensitive information types (SIT). They're complex dictionary and pattern-based classifiers that you can use to detect person names, physical addresses, and medical terms and conditions. You can see them in the Microsoft Purview compliance portal > Data classification > Sensitive info types. Here's a partial list of where you can use SITs:

DLP makes special use of named entities in enhanced policy templates, which are preconfigured DLP policies that you can customize for your organizations needs. You can also create your own DLP policies from a blank template and use a named entity SIT as a condition. Entity Match and other advanced classifiers are offered only to users with E5 licenses.

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

Examples of named entity SITs

Named entity SITs come in two flavors, bundled and unbundled

Bundled named entity SITs detect all possible matches. Use them as broad criteria in your DLP policies for detecting sensitive items.

Unbundled named entity SITs have a narrower focus, like a single country. Use them when you need a DLP policy with a narrower detection scope.

Note

To use named entity SITs, you must activate Advanced classification scanning and protection for the relevant data loss prevention settings before they will be discoverable.

Here are some examples of named entity SITs. You can find all of them in Sensitive information type entity definitions.

Named Entity Description Bundled/Unbundled
All full names Detects all possible matches of full names bundled
All physical addresses Detects all possible matches of physical addresses bundled
All medical terms and conditions Detects all possible matches of medical terms and conditions bundled
Australia Physical Addresses Detects patterns related to physical addresses from Australia. Included in All physical addresses SIT. unbundled
Blood Test Terms Detects terms related to blood tests, such as 'hCG'. English terms only. Included in All medical terms and conditions SIT unbundled
Brand Medication Names Detects names of brand medication, such as 'Tylenol'. English terms only. Included in All medical terms and conditions. unbundled

Examples of enhanced DLP policies

Here are some examples of enhanced DLP policies that use named entity SITs. You can find all 10 of them in the Microsoft Purview compliance portal Navigate to Data loss prevention > Create policy. Enhanced templates can be used in DLP and auto-labeling.

Policy category Template Description
Financial U.S. Gramm-Leach-Bliley Act (GLBA) Enhanced Helps detect the presence of information subject to Gramm-Leach-Bliley Act (GLBA), including information like social security numbers or credit card numbers. This enhanced template extends the original by also detecting people's full names, U.S./U.K. passport number, U.S. driver's license number and U.S. physical addresses.
Medical and health Australia Health Records Act (HRIP Act) Enhanced Helps detect the presence of information commonly considered to be subject to the Health Records and Information Privacy (HRIP) act in Australia, like medical account number and tax file number. This enhanced template extends the original by also detecting people's full names, medical terms and conditions, and Australia physical addresses.
Privacy General Data Protection Regulation (GDPR) Enhanced Helps detect the presence of personal information for individuals inside the European Union (EU) to help meet GDPR privacy obligations. This enhanced template detects people's full names and physical addresses for countries in the EU.

Next steps

For further information