Aug 21 2023 09:43 AM
Aug 21 2023 09:43 AM
We have got a request from the DPO to delete all the personal data of an employee who has left the organization 3 years back. Now the definition of personal data as mentioned by the DPO is anything which helps to identify that user ( i.e., first name and second name , email address etc ) . Now, we did perform a search across all M365 apps, and we found some documents in SPO which been authored and co-authored by this user and even though these are organization's IP we would like to remove the username metadata that's attached to these files so that his/her name doesn’t show up anywhere in Microsoft 365.
So, now my question is, which exact tool in MS Purview can I use for this scenario ? Would it be eDiscovery premium ? Even if it helps to identify and export all the data, I don't think I can perform any deletion on those data’s using eDiscovery premium , right ? So, which exact tool in Microsoft Purview can help me with this scenario and how are organizations currently dealing with such requests ?
Oct 16 2023 01:08 PM
I'm probably too late for this since your timeline for this DSR has probably already expired. In the situation you've mentioned - where the individual is named in the created by or last modified by fields - I would ask your DPO whether these actually count. Yes, they do help identify the individual; however these could be considered business-critical information at which point they can be exempted from GDPR because the content could become irrelevant without the provided context.
Now, of course, if the content found is no longer business relevant then it does need to be deleted. When I run into these requests (generally for Exchange content) I use Purview Content Search. Once you have your content search returning everything, you just need a little PowerShell. Note the example below is what I use for Exchange Online, but it should be similar for SPO
Now find the name of your Content Sarch
Now perform the deletion action
New-ComplianceSearchAction -SearchName "XXXcontentsearchnameXXX" -Purge -PurgeType HardDelete