Microsoft Purview · Unified Catalog Governance

Data Health Reader

Read artifacts in Data Estate Health management area of Unified Catalog.

Scope: Read-only access to Data Estate Health management

Permissions

  • View data health reports and dashboards
  • Access Data Estate Health explorer view (read-only)
  • View data quality insights and metrics
  • Review data observability findings
  • Access catalog health and maturity reports
  • View data health trends and analytics

Common use cases

  • Executives reviewing data governance program health
  • Management dashboards and reporting
  • Stakeholders monitoring catalog quality trends
  • External auditors reviewing data governance maturity
  • Business unit leaders tracking their domain health
  • Compliance officers assessing data quality compliance

Best practices

  • Assign to executives and stakeholders who need visibility
  • Use for management reporting and governance oversight
  • Combine with Global Catalog Reader for full catalog visibility
  • Share health trends in governance steering committee meetings
  • Ideal for external auditors during assessments

Security considerations

  • Read-only with no modification capabilities
  • Health data may reveal organizational maturity gaps
  • Safe for broad assignment to leadership
  • No access to underlying sensitive data

Common questions

When should I assign the Data Health Reader role?

Assign Data Health Reader when you need to: Executives reviewing data governance program health; Management dashboards and reporting; Stakeholders monitoring catalog quality trends; External auditors reviewing data governance maturity; and Business unit leaders tracking their domain health. It is part of Microsoft Purview and should be granted as a least-privilege alternative to broader roles like Global Administrator.

What can someone with the Data Health Reader role do?

The Data Health Reader role grants permissions including: View data health reports and dashboards; Access Data Estate Health explorer view (read-only); View data quality insights and metrics; Review data observability findings; Access catalog health and maturity reports; and View data health trends and analytics. See the Permissions section above for the full list.

What are the security risks of the Data Health Reader role?

Key considerations when assigning Data Health Reader: Read-only with no modification capabilities; Health data may reveal organizational maturity gaps; Safe for broad assignment to leadership; and No access to underlying sensitive data. Review the Security considerations section before assignment, and pair with Privileged Identity Management (PIM) for just-in-time access where possible.

Official Microsoft Learn documentation →

Open the interactive RBACMap →