@Eray Chou  Here is a scenario that needs to addressed.

1. A team member gets assigned a task to gather Patient records or Custom credit information.
2. when they finish the task, they attach a file containing the sensitive data to the task.

DLP needs to let the compliance people know that this has occurred.

@Dean Gross Thanks for the clarification.  I'll need to verify, but for this specific case (DLP for attachment content) it's possible that SharePoint's DLP support would kick in and detect this case.  The DLP work we are investigating would then extend support to also include other Tasks fields -- for example, recording credit card numbers in the Task's description.  

@Eray Chou You are correct, in my scenario, the File attached to the task gets put into SPO (which I forgot happened) so DLP will find it. Your scenario is better than mine and needs to be covered.