Remove Sensitive and Hidden Information from Microsoft 365 Documents and PDFs

Summary

Step-by-step guidance for safely redacting sensitive or confidential information from Microsoft 365 documents and PDFs before sharing. Covers using Inspect Document tools to remove hidden metadata, true redaction using Adobe Acrobat Pro, and how to verify that redaction is complete.

Body

Questions

  • How do I safely redact sensitive information from a Microsoft 365 document before sharing it?
  • What is the best way to remove confidential data from a PDF so it cannot be recovered?
  • How can I use Microsoft 365 tools to clean personal or restricted information from a file?
  • How do I check that hidden or behind-the-scenes details are removed from a document or PDF?
  • Is drawing a black box over text in a PDF enough to redact it?

Environment

This article applies to Bowdoin faculty and staff using Microsoft 365 apps — Word, Excel, PowerPoint, and OneNote — on Windows, macOS, or the web, and to anyone working with PDF files. Use this guidance whenever you need to permanently remove sensitive or confidential information before sharing a file by email, OneDrive, Teams/SharePoint, or another method.

Resolution

Understand what "redact" really means

When you redact, you are not just hiding text with black boxes or changing the font color to white. True redaction means the information is completely removed from the file so it cannot be copied, searched, or revealed later. Always confirm that redacted information is gone — not just covered.

Drawing a black box is not safe redaction. Text covered by a drawn shape may still be selectable, searchable, or visible when copied. Always use a dedicated redaction tool as described below.

Step 1: Identify what needs to be removed

Look for full names, home addresses, phone numbers, email addresses, ID or driver's license numbers, account numbers, dates of birth, Social Security numbers, and credit card numbers. Also check for internal notes, tracked changes, comments, and previous document versions. If the file contains images or screenshots, check whether those also contain sensitive details.

Step 2: Work on a copy of the file

Open the original file and save a separate copy with a clear name — for example, add _Redacted to the end of the file name. Make all changes to the copy so the original stays intact.

Step 3: Remove hidden data from Microsoft 365 documents

Use the built-in Inspect Document tools to remove hidden content such as comments, tracked changes, and document properties.

Windows (Word, Excel, PowerPoint)

  1. Open the copy of your file.
  2. Click File > Info.
  3. Click Check for Issues, then click Inspect Document.
  4. Leave all checkboxes selected and click Inspect.
  5. For each section that finds results, click Remove All.
  6. Click Close, then save the file.

macOS (Word, Excel, PowerPoint)

  1. Open the copy of your file.
  2. Manually remove any comments, tracked changes, and personal information: turn off and accept tracked changes, delete all comments, and remove personal details from document properties.
  3. Save the file.

Step 4: Manually replace sensitive text

In the copy of the file, find each piece of sensitive text and replace it with something neutral, such as XXX or [redacted]. Check comments, footnotes, headers, footers, and text boxes — not just the main body. After replacing sensitive text and removing hidden data, save the file and then export it to PDF using File > Save As or Export.

Step 5: Redact the PDF using a true redaction tool

Do not rely on drawing tools or highlight tools to redact PDFs. Use a tool designed specifically for redaction.

Adobe Acrobat Pro

  1. Open the PDF in Adobe Acrobat Pro.
  2. In the right-hand pane, click Redact. If you do not see it, click More Tools and add the Redaction tool.
  3. Click Mark for Redaction > Text & Images.
  4. Drag to highlight each word, line, or area to remove.
  5. Review all marks, then click Apply. Acrobat will warn that this permanently removes the content — click OK.
  6. Save the file with a new name (for example, add _Redacted.pdf).
Images in PDFs: If the PDF contains screenshots or charts showing sensitive information, use the same Mark for Redaction tool to select and permanently remove those areas from the image.

Step 6: Verify that redaction is complete

  1. Open the final redacted file.
  2. Use Command+F (macOS) or Ctrl+F (Windows) to search for names, IDs, or any words you removed.
  3. Try selecting and copying text near the redacted areas into another document to confirm nothing hidden comes through.
  4. Check document properties and any visible comments one more time.

Be careful with cloud sharing and version history

If the original file was stored in OneDrive or Teams, earlier versions may still exist in version history. Share only the final redacted copy — not the original or any drafts. Confirm that shared links point to the redacted file by opening the link yourself before sending it.

Additional Help

If you need further assistance, you have several options:

  • Bowdoin Bot: Chat with Bowdoin Bot directly from any KB page for instant answers.
  • Phone: Call the Bowdoin College Service Desk at (207) 725-3030.
  • In person: Visit the Tech Hub in Smith Union during business hours.
  • Submit a ticket: Request assistance through the Service Catalog.

Additional Resources

Details

Details

Article ID: 170602
Created
Wed 1/28/26 11:58 AM
Modified
Mon 5/4/26 10:26 AM

Related Articles

Related Articles (2)

Managing Data Loss Protection (DLP) Alerts
Explains Bowdoin's Data Loss Prevention (DLP) policies in Microsoft 365, what sensitive data DLP detects, what users will see when content is flagged across Outlook, OneDrive, Teams, and Copilot, and how to respond to or override DLP warnings.
Override a block when Microsoft 365 flags sensitive information
Explains how to override a Data Loss Prevention (DLP) policy block in Microsoft 365 when sending or sharing content that contains sensitive information. Covers how to assess whether an override is appropriate, how to reduce sensitive content before overriding, and the step-by-step override process in Outlook and Teams/OneDrive. Overrides are logged and reviewed by IT Security.