MC1199763 - Microsoft Purview | Data Security Investigations – Introducing new purge mitigation action

Introduction

We’re introducing a new purge mitigation action in Microsoft Purview Data Security Investigations (DSI). This feature enables admins to quickly and efficiently delete sensitive or overshared content during investigations, directly within the product experience. The purge action complements DSI’s AI-powered capabilities—such as categorization, AI search, and risk analysis—helping organizations reduce data exposure and mitigate leaks faster.

This message is associated with Microsoft 365 Roadmap ID 542930.

When this will happen:

• Public Preview: Rollout will begin in early January 2026 and complete by mid-January 2026.
• General Availability (Worldwide): Rollout will begin in early March 2026 and complete by late March 2026.

How this affects your organization:

• Who is affected: Admins using Microsoft Purview Data Security Investigations.
• What will happen:
  • A new purge mitigation action will be available in the DSI interface.
  • Admins can delete content matching investigation search queries to mitigate oversharing or sensitive data exposure.
  • The feature is enabled by default; no configuration changes are required.
  • Existing admin policies (DLP, retention, labels) remain respected.

  Screenshot 1: Data Security Investigations save search query for purge

  

  Screenshot 2: Data Security Investigations purge queue

  

What you can do to prepare:

• No admin action is required before rollout.
• Consider notifying your security and compliance teams about this new capability.
• Update internal documentation if you detail DSI workflows.

Learn more:

• Learn about Data Security Investigations
• Use the mitigation plan in Data Security Investigations (preview)

Compliance considerations:

No compliance considerations identified, review as appropriate for your organization.