Microsoft Azure Information Protection Secures Power BI Data Exports for a Seamless DLP Strategy

This post has been republished via RSS; it originally appeared at: Healthcare and Life Sciences Blog articles.

Business Intelligence and Analytics are often restricted in Healthcare organizations due to regulatory concerns about sensitive data such as Personally Identifiable Information (PII). Report viewers often want to export data from reports, but until now there has been no way to effectively track and protect exported files of data. Also, allowing access to reports from un-managed devices has often been an all-or-nothing approach. Microsoft Information Protection and Cloud App Security tools are now in Preview for Power BI as part of your enterprise Data Loss Prevention strategy. Here’s a demo of how Microsoft Information Protection works as a part of Power BI Data Protection:



This article is the third in a series exploring how Power BI paired with Azure data tools creates a flexible, scale-able, and achievable healthcare analytics architecture:

  • #1 - Unleash Massive Healthcare Data Volumes to Analytics using Power BI Aggregations - Click Here!
  • #2 - Control PII and Sensitive Data Risk for Self-Service BI using Power BI DataFlows and Azure Data Lake - Click Here!
  • #3 - Microsoft Azure Information Protection Secures Power BI Data Exports for a Seamless DLP Strategy (this article)
  • #4 - Power BI with Azure Synapse enables Advanced Row Level Security with Variable Access at both the Summary and Detail Levels (Coming Soon)

A previous article at this link reviews many of the challenges that Healthcare organizations face due to Privacy and Regulatory concerns for PHI and other types of Sensitive Data. The diagram below is from that article, and shows three common ways that Sensitive Data can be shared inappropriately:


PII Sharing can be Controlled Using Power BI Data Protection


  1. User Exports Data and Shares with Unapproved Users – Power BI Data Protection (using MIP/AIP) is now in Preview to prevent inappropriate sharing.
  2. User Shares a Report with an Unapproved User – Power BI Workspace Level Security, Row Level Security, and Data Protection can all be used to mitigate this scenario.
  3. Re-Identification due to Small Data Aggregation sizes, Using Deep Learning or Referencing Other Databases – Cloud App Security Tools and other Power BI capabilities can reduce this risk, but thoughtful Data Model design by solution architects is also needed and sometimes requires expertise outside of what can be provided by a digital toolset.

Finally, here is a video that reviews Power BI Data Protection that was recently recorded at Microsoft Ignite:


REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.