Can I prevent eDiscovery for sensitive SharePoint documents?

John Water
John Water used Ask the Experts™
on
We have our email and SharePoint environments in the cloud with O365. We are  just starting to use eDiscovery. We do have some documents in SharePoint that have a higher security placed on them and we have set access to them accordingly.
What I want to find out is there a way to exempt these documents from an eDiscovery search? If not, will the elevated access requirement to the documents prevent them from being read by the person doing the search (providing they do not have required access) even if they are found in the eDiscovery?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2015
Distinguished Expert 2018
Commented:
You can limit eDiscovery to specific sites, or exclude specific sites, by using the co-called "compliance security filters" feature: https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-filtering-for-content-search?redirectSourcePath=%252fen-us%252farticle%252fConfigure-permissions-filtering-for-Content-Search-1adffc35-38e5-4f7d-8495-8e0e8721f377

If you want to restrict access to specific documents and not an entire site, you can use RMS/AIP encryption to render it "inaccessible" to the search index.
Jamie McAllisterCloud Expert
Most Valuable Expert 2013
Top Expert 2014

Commented:
It should also be noted that a user will never be able to see content that they aren't allowed to. If permissions preclude viewing of a given sensitive file for a user, eDiscovery will not highlight that document for the user either.

Search is also security trimmed in a similar way.

Author

Commented:
Jamie and Vasil,

Thank you both for your input. I would like to confirm my understanding of each -

I can use the information in the link from Vasil to set up filters to limit WHERE an eDiscovery search would look, correct?

From Jamie's input, if permissions to a site, folder, etc. were set up so that I cannot access them, my eDiscovery search would never produce them as a product of my search, no matter if I had filters or not, correct?
Is this true no matter my role, Compliance Administrator, Global Admin, etc.?
If this is accurate, then the same eDiscovery search criteria could have different results for two different staff members with different levels of data access, correct?

Thank you,
JavaScript Best Practices

Save hours in development time and avoid common mistakes by learning the best practices to use for JavaScript.

Jamie McAllisterCloud Expert
Most Valuable Expert 2013
Top Expert 2014

Commented:
Hi swfwmd2,

I can confirm that search results will be different depending on a users access rights.

J

Author

Commented:
Even though I do not have access to a file when I navigate to it (purposely set up this way), I can find it in an eDiscovery search since I am a global admin. Is this expected and will the implementation of "compliance security filters" block me from finding it when I do an eDiscovery search?

Thank you
Most Valuable Expert 2015
Distinguished Expert 2018

Commented:
It's expected, as eDiscovery runs as a "system" process. The only way that I know of to restrict what data can Be accessed via eDiscovery is Compliance Security Fitlers, so try them out.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial