Effective January 12, 2021, Union University will begin using Microsoft 365 Data Loss Prevention (DLP) to help protect Union University's data assets and privacy.

WHAT IS DATA LOSS PREVENTION (DLP) ?

Microsoft 365 DLP is a set of tools and processes used to prevent sensitive data from being lost, misused, or accessed by unauthorized users when sending email outside the organization which contains such data. This can include social security and driver license numbers, credit card and banking information, and more.

How It Works: The DLP system automatically scans emails and attachments then classifies confidential, business-critical data. It identifies violations of policies that are driven by regulatory compliance such as FERPA, HIPAA, PCI-DSS, Gramm-Leach-Bliley, or GDPR, all with which we are required to comply. Once an incident is identified, DLP enforces remediation with alerts and blockage to prevent users from accidentally or maliciously sharing data that could put the organization at risk.

For example, if you attempt to send an email message containing protected information such as a credit card number that conflicts with our DLP policy, you will receive an email similar to this:

Your email message conflicts with a policy in your organization. Issues:

• Message is sent to people outside your organization.
• Message contains the following sensitive information: Credit Card Number.
• Sender violates organizational policy.

DLP provides reporting to meet compliance and auditing requirements. It also identifies areas of weakness and anomalies for forensics and incident response.

IMPORTANT: The University's DLP policies only apply to outgoing information, not incoming email messages or attachments. They do not apply when sharing with co-workers or students within the Union network or domain.

If you need to submit Personally Identifiable Information (PII) such as your SSN to your healthcare provider, please call your provider to avoid sharing your information online via email when possible.