Implement Microsoft Purview Records Management
Organizations of all types require a records management solution to manage regulatory, legal, and business-critical records across their corporate data. Microsoft Purview Records Management:
- Helps an organization manage their legal obligations.
- Demonstrates compliance with regulations.
- Increases efficiency with regular disposition of items that:
- An organization no longer must retain.
- An organization no longer requires for business purposes.
- An organization no longer values.
Organizations can use the following capabilities to support their records management solution for Microsoft 365 services and apps:
- Label content as a record. Create and configure retention labels to mark content as a record. Users can apply labels, or Microsoft Purview Records Management can automatically apply them by identifying sensitive information, keywords, or content types.
- Migrate and manage your retention requirements with a file plan. By using a file plan, you can bring in an existing retention plan to Microsoft 365, or build a new one for enhanced management capabilities.
- Configure retention and deletion settings with retention labels. Configure retention labels with the retention periods and actions based on various factors that include the date last modified or created.
- Start different retention periods when an event occurs with event-based retention.
- Review and validate disposition with disposition reviews and proof of records deletion.
- Export information about all disposed items with the export option.
- Set specific permissions for records manager functions in your organization to have the right access.
An organization can use these capabilities to incorporate its retention schedules and requirements into a records management solution. The organization can then manage retention, records declaration, and disposition to support the full lifecycle of its content.
Additional resource. You may find it useful to download this records management FAQ document.
What's a record?
When an organization's records management team declares content a record:
- The team places restrictions on the items in terms of what actions it allows and what actions it blocks.
- The team logs other activities about the item.
- The declaration provides proof of disposition when the system deletes items at the end of their retention period.
Organizations use retention labels to mark content as either a record or a regulatory record. The next section displays the difference between these two record types. You can either:
- Publish those labels so that users and administrators can manually apply them to content.
- Autoapply those labels to content that you want to mark as a record or a regulatory record.
By using retention labels to declare records, you can implement a single and consistent strategy for managing records across your Microsoft 365 environment.
Enable the regulatory record option
By default, the retention label option to mark content as a regulatory record isn't displayed in the retention label wizard. To display this option, you must first run the following command in the Security & Compliance PowerShell module:
Connect to Security & Compliance PowerShell.
Run the following command:
Set-RegulatoryComplianceUI -Enabled $trueNote
The system doesn't prompt you to confirm this change. The update to this setting immediately takes effect.
If you change your mind about seeing this option in the retention label wizard, you can hide it again by running the same command with the false value:
Set-RegulatoryComplianceUI -Enabled $false
Configure retention labels to declare records
When you create a retention label from the Microsoft Purview Records Management solution in the Microsoft Purview compliance portal, you can mark items as a record. If you ran the PowerShell command from the previous section, you can alternatively mark an item as a regulatory record, as seen in the following screenshot.
Using this retention label, you can now apply it to SharePoint or OneDrive documents and Exchange emails, as needed.
Compare restrictions for allowed and blocked actions
The following table identifies what restrictions an organization places on content as a result of applying a standard retention label. It also identifies retention labels that mark content as a record or regulatory record.
A standard retention label has retention settings and actions. However, it doesn't mark content as a record or a regulatory record.
Note
For completeness, the table includes columns for a locked and unlocked record. These record types are applicable to SharePoint and OneDrive, but not Exchange. The ability to lock and unlock a record uses record versioning the system doesn't support for Exchange items. So for all Exchange items that an organization marked as a record, the behavior maps to the Record - locked column, and the Record - unlocked column isn't relevant.
| Action | Retention label | Record - locked | Record - unlocked | Regulatory record |
|---|---|---|---|---|
| Edit contents | Allowed | Blocked | Allowed | Blocked |
| Edit properties, including rename | Allowed | Allowed (1) | Allowed | Blocked |
| Delete | Allowed (2) | Blocked | Blocked | Blocked |
| Copy | Allowed | Allowed | Allowed | Allowed |
| Move within container (3) | Allowed | Allowed | Allowed | Allowed |
| Move across containers (3) | Allowed | Allowed if never unlocked | Blocked | Blocked |
| Open/Read | Allowed | Allowed | Allowed | Allowed |
| Change label | Allowed | Allowed - container admin only | Blocked | Blocked |
| Remove label | Allowed | Allowed - container admin only | Blocked | Blocked |
Footnotes:
- The system, by default, allows you to edit properties for a locked record. However, an organization can block users from editing properties for a locked record through a tenant setting in the Microsoft Purview compliance portal. Navigate to Records management, then Records management settings, then Retention labels, and then Allow editing of record properties.
- An organization can block users from deleting labeled items in SharePoint and OneDrive through a tenant setting in the Microsoft Purview compliance portal. Navigate to Records management, then Records management settings, then Retention labels, and then Deletion of items. When you apply a retention label to a list item that has a document attachment, that document doesn't inherit the retention settings. You can also delete the document from the list item. In comparison, if an organization's records management team declares that list item a record with a retention label, the document attachment inherits the retention settings, and you can't delete it.
- Containers include SharePoint document libraries, OneDrive accounts, and Exchange mailboxes.
Record restrictions
The most important difference for a regulatory record is that after an organization applies the retention label to the content, nobody, not even a Microsoft 365 Global Administrator, can remove the label. Retention labels configured for regulatory records also have the following administrator restrictions:
- Administrators can't reduce the retention period after saving the label. They can only extend it.
- Autolabeling policies don't support retention labels. Retention label policies must apply retention labels.
In addition, you can't apply a regulatory label to a document that' someone checked out in SharePoint.
Because of the restrictions and irreversible actions, an organization should ensure that it really does need to use regulatory records before it selects this option for its retention labels. To help prevent accidental configuration, this option isn't available by default. Instead, an organization must first enable this option by using PowerShell.
Additional reading. For more information on how to enable this option using PowerShell, see Declare records by using retention labels.