Internally we have now recieved the message concerning dataprotection in cases where members of groups (Departments, etc.) are removed due to reorganization and changes and they have files of those groups synced to their local machine via OD-Client.
Since we work with a lot of people who are working with their own device and where we can't put Intune in place for controling those devices (also due to License shortage) we want to know, how we can control that files are removed automatically after the OD Client recognizes the missing membership rights to that library (like in Dropbox).
Is there a process in place? My own testing came up with already local files on the users computer still being saved and accessible with the version synchronized the last time.
When you remove someone from the group, they no longer have permissions to the sharepoint site and hence the sync with document library breaks. There is no way to actually delete the files from members computers which were already synced. Since you mentioned data protection, Office 365 does provide a robust solution Azure Information Protection . Once you configure AIP you would be able to classify data using labels, and later track your documents ,revoke access even if it has been downloaded via onedrive and is no longer being synced. Here are a few links for you to explore further: