Office365 Sensitive Information Types

New Contributor

Hi , In the Office365 portal, It is possible to add a custom sensitive information type via the GUI. It is possible to specify a minimum count for keywords but not for regex.


In reference to this article


The image below displays how to specify a minimum count for keywords. I need to know how to specify a minimum count for a regex defined in the xml.mincount.png


The reason I need this is to ensure eDiscovery search cases, provide the same response as DLP policies. When creating a DLP policy it is possible to specify the minimum count of sensitive information type and I want DLP and eDiscovery aligned. 


5 Replies
Hi @Sean O'Farrell,

Yes, you can build custom sensitive information types in the GUI via the Security and Compliance centre

See this great article by Joanne Klein -

But also here for official documentation which confirms it can be built in the GUI.

Best, Chris

Hi Chris, I know I can build custom information types in the GUI. The GUI does not allow the minimum count for regex,  only keywords. That is why I am creating them in xml and then importing them via powershell.

Hi Sean,

Thanks - I read it as is it as opposed to it is!

I have raised a uservoice for you on the GUI.

I am going to raise this to the Sec and Compliance Microsoft Team to see if we can get an answer -

@Ryan Heffernan - see above string from Sean. With regards custom sensitive information types how do we specify a minimum count for a regex defined in the xml? It would be great to get an answer on this.

Best, Chris

Adding @Caroline Shin  and @Anthony Smith (A.J.). Can either of you speak to this question?

Posting this on behalf of the DLP product team:


In custom sensitive type is defined by patterns with 2 elements – idMatch and Match. Both these elements could take Regex, Keyword or Dictionary or built-in functions.


There are key differences between idMatch and Match.

  1. idMatch –enables detecting the sensitive content in document (like a credit card number)
  2. match – enables detection of supporting evidence in the proximity of idMatch (like words like “CVV”, “Credit Card”, “VISA” etc..,)


Min Matches

For a match element, min match count allows setting requirement to minimum number of supporting evidence to found to match pattern. As mentioned match could be a keyword list or a Regex.


Single match of idMatch along with required matches will identify a sensitive content found in document. In DLP Policy, the customer could configure the min and max number of sensitive type (like Credit cards) required to be found.