Microsoft Purview · Privacy Management (Priva)
Privacy Management
Top-level role group for the Privacy Management (Priva) solution in Microsoft Purview. Manages access control for the entire Privacy Management portal experience — distinct from the more scoped Privacy Management Administrators role group.
Scope: Full Privacy Management (Priva) solution administration including subject rights requests, privacy risk policies, and data minimization workflows
Permissions
- Case Management - Privacy case lifecycle management
- Compliance Manager Contribution / Reader - Privacy assessments in Compliance Manager
- Compliance Search - Search content for privacy investigations
- Custodian - Manage data custodians for privacy investigations
- Data Classification Content Viewer - View classified privacy-sensitive content
- DLP Compliance Management - Manage privacy-related DLP policies
- Information Protection Admin - Manage sensitivity labels with privacy implications
- Manage Alerts - Privacy alert triage
- Subject Rights Request (DSR) management
- Privacy Risk Management policy administration
Common use cases
- GDPR, CCPA, LGPD privacy program administration
- Subject Rights Request (DSR/DSAR) fulfillment program
- Privacy risk identification and remediation
- Privacy by design program ownership
- Coordinating privacy work across compliance, legal, and IT teams
Best practices
- Limit to 2-5 privacy program leads
- Pair with Privacy Management Administrators for scoped delegation
- Use scoped role groups (Analysts, Investigators, Viewers) for line staff
- Document privacy program governance in policy library
- Coordinate with Legal team on regulatory interpretation
Security considerations
- Broad access to privacy-sensitive content and subject identities
- Members can complete or reject subject rights requests — legal exposure if mishandled
- Privacy investigation findings may have regulatory reporting obligations
- Audit all privacy data access for accountability