Learn how to get set up to start using Microsoft Priva solutions. You'll notice that some instructions vary based on which portal you use and whether you're using the generally available (GA) solutions (Privacy Risk Management and Subject Rights Requests for data within Microsoft 365) or the preview solutions (Consent Management, Privacy Assessments, Subject Rights Requests for data beyond Microsoft 365, and Tracker Scanning). Get an overview of the Priva solutions.
Before you begin
Here's a checklist of items for ensuring that your organization is ready to start using Priva solutions:
Subject Rights Requests for data within Microsoft 365
These solutions can be purchased by organizations with the licenses outlined in the Microsoft Priva service description. When obtaining licenses for subject rights requests for data within Microsoft 365, you can choose the appropriate licensing tier for how many requests you need to handle. You can purchase more requests at any time.
Start a trial: The free Priva trial allows you to explore all the features and functionality of privacy risk management and subject rights requests for data within Microsoft 365. Learn how to sign up for the Priva trial.
Preview solutions and features
If you're using:
Consent Management (preview)
Privacy Assessments (preview)
Subject Rights Requests for data beyond Microsoft 365 (preview)
Certain functionality within these solutions integrates with Microsoft Purview data governance solutions, such as Data Map and Unified Catalog. If your organization isn't already set up to use Microsoft Purview data governance solutions, you'll need to follow some initial steps in order to start using these solutions with an Enterprise-tier license.
The best place to start is by visiting Get started with data governance solutions. You'll find guidance in starting a free version of Microsoft Purview data governance solutions or upgrading to the Enterprise version.
Where to access Priva solutions
All Priva solutions can be accessed in the new Microsoft Priva portal (preview). Priva solutions are also available in one of two classic Microsoft Purview portals. The table below outlines where each solution can be accessed. Depending on which portal you're using, you'll need to follow each portal's instructions to sign in and set permissions.
Tip
We recommend accessing Priva solutions through the Priva portal (preview) for a streamlined sign-in process and optimal user experience. You'll also gain familiarity with how the Priva portal works in preparation for the forthcoming retirement of the classic Microsoft Purview compliance portal and the classic Microsoft Purview governance portal.
Which solutions are available in which portal
Solution
Priva portal (preview)
Classic Microsoft Purview compliance portal
Classic Microsoft Purview governance portal
Consent Management (preview)
✔
✔
Privacy Assessments (preview)
✔
✔
Privacy Risk Management
✔
✔
Subject Rights Requests for data beyond Microsoft 365 (preview)
✔
✔
Subject Rights Requests for data within Microsoft 365
Priva uses a role-based access control (RBAC) permission model. Only users who are assigned a role can access Priva, and the actions allowed by each user are restricted by role type. The Global Administrator for your organization has permissions to assign roles to users.
Important
Microsoft recommends that you use roles with the fewest permissions. Minimizing the number of users with the Global Administrator role helps improve security for your organization.
Depending on which portal you're using to access Priva solutions, follow the appropriate instructions below for how to sign in.
Priva portal (preview)
To assign roles for GA solutions
Privacy Risk Management
Subject Rights Requests for data within Microsoft 365
Follow the steps below:
Sign in to the Priva portal (preview) using credentials for an admin account in your Microsoft 365 organization.
Select Settings in the upper right corner of the page, then select Roles and scopes.
Depending on the structure of your team, you have options to assign users to specific role groups to manage different sets of Priva features. Members should be assigned to role groups depending on what tasks they need to accomplish and what level of access is appropriate. Each role group includes one or more roles. These roles might pertain to specific Priva tasks or key functions that are enabled or restricted for that group’s members. Different users might therefore have different levels of visibility and access into certain Priva features.
Important
Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
Role groups can be customized if needed. To avoid accidental loss of access, we recommend creating a copy of the existing role group you wish to customize, giving the copy an identifiable name, making and verifying your changes to the new group, and assigning people to it as appropriate.
Roles and role groups for GA solutions
If you're using:
Privacy Risk Management
Subject Rights Requests for data within Microsoft 365
Most Priva roles for Privacy Risk Management and Subject Rights Requests for data within Microsoft 365 are designated as "Privacy Management" in the Microsoft Purview solutions section in Settings --> Permissions. Roles specific to Priva don't appear in Microsoft Entra ID. Learn more about Permissions settings.
Role group
Description
Roles
Applies to
Privacy Management
This role group contains all permission roles for Priva GA solutions in a single group. This group might be a good fit for organizations where the same individual performs all duties. We recommend always having at least one active member of this group.
Case Management - Data Classification Content Viewer - Data Classification List Viewer - Privacy Management Admin - Privacy Management Analysis - Privacy Management Investigation - Privacy Management Permanent Contribution - Privacy Management Temporary Contribution - Privacy Management Viewer - Subject Rights Request Admin - View-Only Case
Privacy Risk Management
Subject Rights Requests
Privacy Management Administrators
Members have broad access to Priva functions, including permissions and settings, and creating, reading, updating, and deleting Privacy Risk Management policies.
Case Management Privacy Management Admin View-Only Case
Privacy Risk Management
Subject Rights Requests
Privacy Management Analysts
Members act as issue analysts. They can investigate policy matches, view file metadata, and take remediation actions. Members can't access content items.
Case Management Data Classification List Viewer Privacy Management Analysis View-Only Case
Privacy Risk Management
Privacy Management Investigators
Members act as data investigators. They can investigate policy matches, view associated file content, and take remediation actions. Members can access content items.
Case Management Data Classification Content Viewer Data Classification List Viewer Privacy Management Investigation View-Only Case
Privacy Risk Management
Privacy Management Viewer
Members can view analytical information, such as reports, insights, and policy trends.
Privacy Management Viewer
Privacy Risk Management
Subject Rights Requests
Privacy Management Contributors
When a user is added as a collaborator on a subject rights request, they automatically get added as a member of this role group. Learn more about adding collaborators on subject rights requests.
Members have full rights to create and manage subject rights requests, and can add approvers for requests.
Subject Rights Request Admin
Subject Rights Requests
Subject Rights Request Approvers
Members can approve subject rights requests to which they're added as an approver.
Subject Rights Request Approver
Subject Rights Requests
Roles for preview solutions
If you're using:
Consent Management (preview)
Privacy Assessments (preview)
Subject Rights Requests for data beyond Microsoft 365 (preview)
Tracker Scanning (preview)
A user must hold a Privacy Reader or Privacy Curator role to access the Priva preview solutions. Some solutions require extra roles for performing certain tasks. Consult the table below for an overview on required roles with links to detailed information. You can learn general information about assigning roles by visiting Governance roles and permissions.
Subject Rights Requests for data within Microsoft 365
These solutions are available to customers worldwide.
However, if your organization provisioned its tenant in one of the local data centers listed below in order to meet data residency requirements, the Priva solutions won't be available to you:
Norway
Poland
Qatar
Singapore
South Africa
South Korea
Spain
Sweden
Switzerland
United Arab Emirates
Preview solutions
If you're using:
Consent Management (preview)
Privacy Assessments (preview)
Subject Rights Requests for data beyond Microsoft 365 (preview)
Tracker Scanning (preview)
The Priva solutions in preview are available in the regions listed below. The region names correspond to Azure regions supported by the Azure Cosmos DB service. Get definitions for Azure region names.
Microsoft 365 audit logs are a summary of all activities within your organization. Privacy risk management policies may use these activities for generating policy insights.
Your organization might already have audit logs turned on. If you need to start using them for the first time, see Turn audit log search on or off for step-by-step instructions to turn on auditing. After you turn on auditing, a message is displayed that says the audit log is being prepared and that you can run a search in a couple of hours after the preparation is complete. You only have to do this action once. For more information about using the Microsoft 365 audit log, see Search the audit log.
How Priva works with Microsoft Purview risk and compliance solutions
Microsoft Purview Compliance Manager
Priva works hand in hand with Microsoft Purview Compliance Manager, which offers data protection and privacy assessment templates that correspond to compliance regulations and industry standards around the world. Based on the assessments you build with these templates, Compliance Manager can help you understand what steps to take to meet your organization's regulatory requirements. Taking steps in Priva to protect the personal data you store can contribute to your privacy assessments in Compliance Manager and can help improve your compliance score.
In preview: By taking specific actions in Priva, you can achieve points that count toward assessment completion and increase your overall compliance score. Examples of actions that Compliance Manager can monitor and give you credit for include setting up a Privacy Risk Management policy, and enabling data retention limits for subject rights requests. Compliance Manager automatically detects whether you've completed the actions and awards points that contribute to your compliance sore. Learn more about automated testing and monitoring in Compliance Manager.
To find Priva actions in Compliance Manager, follow the steps below:
In the Microsoft Purview compliance portal, select Compliance Manager on the left navigation pane.
In Compliance Manager, go to the Improvement actions tab.
On the Solutions filter, select "Priva Privacy Risk Management" and "Priva Subject Rights Requests."
Microsoft Purview Data Loss Prevention
Microsoft Purview Data Loss Prevention (DLP) provides robust capabilities to help prevent the unintentional sharing of sensitive items outside of an organization. Priva can extend this protection by delivering insights unique to your organization and empowering your users to address risks right away. For example, when you use Privacy Risk Management to detect transfers of personal data outside of your organization or between certain departments, users can receive email notifications with remediation actions right in the email. Get more details about user email notifications in Privacy Risk Management.