Share via

Create an exact data match sensitive information type (Classic experience workflow)

Creating and making a sensitive information type (SIT) based on exact data matching criteria (an EDM SIT) is a multi-phase process. These SITs can be used in Microsoft Purview data loss prevention policies, auto-labeling, eDiscovery, and certain content governance tasks. This article outlines the workflow and links to the procedures for each phase using the classic experience.

Applies to

  • Classic experience

If you want to create an EDM SIT using the new experience see, Create an EDM SIT (New experience).

Before you begin

Make sure you review:

Overview of the EDM workflow (Classic experience)

exact data match workflow phases

Phase What's needed
Phase 1: Export source data for exact data match based sensitive information types - Read access to the sensitive data
Phase 2: Create the schema for exact data match based sensitive information types - Access to the sensitive information type wizard in the Microsoft Purviews portal
- access to the Microsoft 365 admin center via Security & Compliance PowerShell
Phase 3: Hash and upload the sensitive information source table for exact data match sensitive information types - Custom security group and user account
- Hash and upload from one computer: local admin access to a computer with direct internet access and to host the EDM Upload Agent
- Hash and upload from separate computers: local admin access to a computer with direct internet access and host the EDM Upload Agent for the upload and local admin access to a secure computer to host the EDM Upload Agent to hash the sensitive information source table
- Read access to the sensitive information source table file
the schema file
Phase 4: Create exact data match sensitive information type/rule package - Access to the Microsoft Purview portal
Test an exact data match sensitive information type - Access to the Microsoft Purview portal

See also