Introduction
With Microsoft Purview enabled in Microsoft Foundry, Purview admins can apply inline data loss prevention (DLP) policies to prompts used in Foundry-built apps and agents. This helps prevent sensitive data from being shared through prompts and supports stronger data protection and compliance for AI-driven workflows.
This message is associated with Microsoft 365 Roadmap ID 558565.
When this will happen:
- Public Preview: We will begin rolling out in mid-May 2026 and expect to complete by early June 2026.
- General Availability (Worldwide): Rollout will begin in mid-June 2026 and is expected to complete by late June 2026.
How this affects your organization:
Who is affected:
- Admins managing Microsoft Purview and Microsoft Foundry
- Organizations building or using apps and agents in Microsoft Foundry
What will happen:
- When your organization builds AI apps and agents on Microsoft Foundry, Foundry admins can enable Microsoft Purview by configuring the Purview toggle in Foundry, allowing Purview to manage how these apps and agents interact with data.
- Security admins can ensure the data security and compliance posture of how these apps and agents interact with data by setting up DLP policies for prompts in Microsoft Purview Data Loss Prevention (DLP).
- Admins can configure Microsoft Purview DLP policies to evaluate prompts submitted to Foundry apps and agents.
- Policies can detect and help prevent the sharing of sensitive information in prompts to large language models (LLMs)..
- DLP enforcement occurs inline as prompts are submitted.
- This feature supports existing Microsoft Purview DLP capabilities and integrates with current compliance workflows.
- No change occurs unless admins create or enable DLP policies for this scenario (admin configuration required).
- Foundry-based DLP capabilities follow a pay-as-you-go model. Microsoft Purview must be enabled with a pay-as-you-go subscription for this feature to work.
What you can do to prepare:
- Review your current Microsoft Purview DLP policies and identify scenarios that should apply to AI prompts.
- Create and use DLP policy simulation mode to understand what data is being exchanged with AI apps and agents before enforcing policies.
- Plan internal guidance for admins and compliance teams on managing prompt-level DLP.
- Update internal documentation to include this capability if you use Microsoft Foundry apps and agents.
Learn more:
Compliance considerations:
| Area |
Explanation |
| Alters how existing customer data is processed |
Prompts submitted to Microsoft Foundry apps and agents are evaluated inline against Purview DLP policies to detect sensitive information. |
| AI/ML interaction with customer data |
Introduces DLP policy evaluation for prompts within AI apps and agents, adding governance to how AI systems process user-provided data. |
| End-user interaction with generative AI |
Users continue interacting with Foundry apps and agents, but prompts may now be evaluated or blocked based on DLP policies. |
| Modifies Purview DLP policies or enforcement |
Extends existing Purview DLP enforcement to include inline scanning and enforcement of prompts in Foundry apps and agents. |
| Alters admin monitoring or reporting |
Admins may use existing Purview reporting and auditing capabilities to monitor DLP activity for prompts, but no new reporting functionality is specified. |
| Includes admin control |
Security admins configure and manage DLP policies in Microsoft Purview DLP for this capability. |