Using DLP to automatically report HIPAA incidents
In the previous recipe, we created a DLP policy that detected HIPAA-protected content and sent an incident report as part of its handling. In this recipe, we'll edit an existing DLP policy and add an incident report as part of its response.
You should be a global or compliance administrator to complete this recipe.
How to do it…
- Go to your DLP policies directly at https://compliance.microsoft.com/datalossprevention. You could also go to the Microsoft 365 compliance center and select Show all > Data loss prevention from the left navigation menu.
- Select the policy for which you're configuring an incident report, then click Edit policy:
- Select Policy settings > expand the content specifications > Edit rule: