Microsoft Purview · Privacy Management (Priva)

Privacy Management Viewer

Read-only access to privacy analytics, reports, insights, and policy trends. Can view privacy risk dashboards and compliance metrics without investigative or administrative capabilities. Ideal for privacy stakeholders who need visibility into privacy posture.

Scope: Read-only access to Privacy Risk Management and Subject Rights Request analytics, reports, and insights. No investigative or administrative capabilities.

Permissions

  • View Privacy Risk Management reports and dashboards
  • Access privacy risk insights and analytics
  • View privacy policy trend analysis
  • Review privacy risk scores and compliance metrics
  • Access Subject Rights Request summary statistics
  • View privacy incident case summaries (no investigation access)
  • Review privacy policy configuration (read-only)
  • View privacy risk detection thresholds and settings
  • Access privacy compliance reports for executive review
  • View privacy risk management historical trends
  • Review privacy policy match statistics
  • Access privacy program maturity metrics
  • View subject rights request processing times and volumes
  • CANNOT investigate policy matches or access files
  • CANNOT modify privacy policies or settings
  • CANNOT take remediation actions or create cases

Common use cases

  • Executive leadership monitoring organizational privacy posture
  • Board members reviewing privacy compliance metrics
  • Regional compliance officers viewing privacy trends
  • Auditors reviewing privacy program effectiveness
  • Privacy steering committee members accessing privacy dashboards
  • Legal counsel monitoring privacy risk exposure
  • Chief Information Security Officer (CISO) reviewing privacy metrics
  • Chief Privacy Officer (CPO) presenting privacy reports to stakeholders
  • Compliance team members tracking privacy program maturity
  • Risk management teams assessing privacy-related risks
  • Data protection officers in observer roles
  • Third-party privacy assessors conducting compliance reviews

Best practices

  • Use this role for stakeholders who need visibility without action capabilities
  • Grant to executive leadership for privacy program oversight
  • Assign to board members or audit committee for governance reporting
  • Provide to regional compliance officers for trend monitoring
  • Use for periodic privacy program reviews with leadership
  • Share privacy dashboards in executive briefings and board presentations
  • Combine with regular privacy metrics reporting to stakeholders
  • Use insights to drive privacy program investment decisions
  • Monitor privacy trends to identify areas needing policy improvements
  • Review privacy risk scores to prioritize compliance initiatives
  • Track subject rights request volumes for resource planning
  • Use historical trends to demonstrate privacy program maturity
  • Leverage read-only access for independent privacy audits
  • Grant temporary access to external privacy assessors or auditors

Security considerations

  • Read-only role with no investigative or remediation capabilities
  • Can view privacy metrics and trends but not underlying file data
  • Privacy reports may reveal organizational structure or sensitive projects
  • Subject rights request statistics may indicate privacy vulnerabilities
  • Policy configuration visibility may expose compliance gaps
  • All report access is auditable through Microsoft 365 audit log
  • This role is low-risk compared to Analyst or Investigator roles
  • Appropriate for broader distribution to privacy stakeholders
  • No access to case details, file metadata, or content
  • Privacy insights may reveal business-sensitive trends
  • Consider confidentiality when sharing privacy reports externally
  • Monitor audit logs to ensure no unauthorized access attempts

Official Microsoft Learn documentation →

Open the interactive RBACMap →