Get started with subject rights requests for data beyond Microsoft 365 (preview)

Microsoft Priva Subject Rights Requests for data beyond Microsoft 365 (preview) helps automate the governance of subject rights requests across your entire data estate at scale. This article explains setup steps and settings to help you successfully get started with requests for data beyond Microsoft 365.

Confirm access to Data Map

Before getting started with subject rights requests for data beyond Microsoft 365, administrators should verify their organization has access to the Microsoft Purview Data Map, as this solution utilizes core components within the Data Map.

How to access subject rights requests for data beyond Microsoft 365

Subject rights requests for data beyond Microsoft 365 is located in the Microsoft Priva portal (preview). You can access the solution by following these steps:

  1. Go to the Microsoft Priva portal (preview).

  2. Select the Subject Rights Request tile from the top row of solutions.

    If you don’t see the Subject Rights Request tile, select View all solutions, and underneath the Privacy heading, select Subject Rights Request.

  3. On the Subject Rights Requests page, find the Data beyond Microsoft 365 (preview) header the left navigation. All pages underneath the header are where you’ll create and manage requests for data beyond Microsoft 365.

Important

Pages under the Data within Microsoft 365 heading in the new Priva portal (preview) take you into a different solution for managing requests for data only within your organization’s Microsoft 365 environment (learn more). The instructions in this set of documentation are exclusive to the Priva solution for handling subject rights requests beyond Microsoft 365.

Register assets in the Data Catalog

To get the most out of subject rights requests’ capabilities, you need to have registered data assets containing classifications and owners. This ensures that when the subject rights requests service searches the Microsoft Purview Data Catalog, it can create tasks based on classifications, and automatically assign those tasks to the correct data owners to perform the work.

Roles and permissions

Users in your organization need to be assigned an appropriate role in order to complete various tasks.

Some capabilities in subject rights requests pertain to the job of the privacy professional or privacy officer; for example, creating request forms and templates, approving tasks, and managing the completion of requests. Other features are specific to data engineers or data owners, who complete tasks to locate and export or delete a data subject’s personal data from your data estate.

Role Access Description
Data Reader Read-only access to see the data assets in the Data Catalog. Required for accessing Data Map classifications when creating a new request. Also necessary to see the details of the data assets that are in scope for any given task and navigate to those assets.
Privacy Curator Read-write access to request information. Can create new requests and edit existing requests.
Privacy Reader Read-only access to request information. Can see details of existing requests and tasks but can’t modify them.

Visit Governance roles and permissions for more information about roles and how to assign them.

Next steps

Before you can start fulfilling subject rights requests, your organization needs to create a request intake form and a template that outlines how requests will be fulfilled. Visit the links below for more information and to get started managing requests:

  1. Build request forms and templates.
  2. Create and manage requests.

Microsoft Priva legal disclaimer