Override a block when Microsoft 365 flags sensitive information

Summary

Explains how to override a Data Loss Prevention (DLP) policy block in Microsoft 365 when sending or sharing content that contains sensitive information. Covers how to assess whether an override is appropriate, how to reduce sensitive content before overriding, and the step-by-step override process in Outlook and Teams/OneDrive. Overrides are logged and reviewed by IT Security.

Body

Questions

  • How do I override a data loss prevention (DLP) policy block when sending sensitive information in Microsoft 365?
  • Why is Microsoft 365 blocking my email or file, and how can I safely override the DLP warning?
  • What steps do I follow to justify an override of a data loss prevention policy in Outlook or OneDrive?
  • How can I send a blocked attachment or sharing link in Microsoft 365 when I believe it is allowed?
  • What does it mean when I see a DLP policy tip in Microsoft 365, and when is it OK to override it?

Environment

This article applies to Bowdoin faculty and staff using Microsoft 365 apps — including Outlook (web and desktop), OneDrive, Teams, and SharePoint — when a data loss prevention (DLP) policy blocks or warns about sending or sharing content that appears to contain sensitive information such as Social Security numbers or financial data.

Resolution

Understand what the DLP warning means

When you try to send or share something that appears to contain sensitive data, Microsoft 365 may show a policy tip. It may say the content is "not allowed," "restricted," "must be reviewed," or that it "violates your organization's policy." Read the message carefully — it will describe what was found (for example, "possible Social Security number detected").

Decide if the override is truly needed

Before overriding, ask yourself:

  • Does the recipient really need this exact sensitive information?
  • Can I remove or mask part of the data (for example, show only the last 4 digits)?
  • Can I share this more safely — such as through a restricted OneDrive or Teams link instead of an email attachment?

Only continue if you are certain the information must be shared and you are authorized to share it.

Review and reduce the sensitive content, if possible

Before overriding, open the file or email and remove anything that is not necessary. For example, replace full ID numbers with partial values (such as XXX-XX-1234), delete extra pages or personal details that are not required, and use a secure Bowdoin location like Teams or OneDrive where possible. After reducing the sensitive content, try to send or share again — the policy tip may disappear if the content no longer triggers the rule.

Override a DLP block in Outlook

If your message is blocked but an override is permitted, you will see a warning bar near the top of your message.

  1. In the warning bar, click Show details or similar text.
  2. If an override option appears (such as Override policy and send or I have a business justification for sending this content), click it.
  3. Enter a clear, short reason in the Justification field.
  4. Click OK or Submit to confirm.
  5. Click Send again to send the email.
No override option? If you do not see an override option, the DLP policy does not allow overrides for this type of content. Contact the Service Desk for guidance.

Override a DLP block in Teams or OneDrive

When a DLP policy affects a file, you may see a warning icon next to the file name or a banner when you open the file in the browser.

  1. Open the file from Teams or OneDrive in the browser.
  2. Look for a banner or message that mentions POLICY TIP.
  3. Click More Options or similar text to see which rule was triggered.
  4. In the Policy Tip panel on the right, click Override.
  5. Enter a clear, short reason for the override when prompted.
  6. Click Submit, then share the file again.
Overrides are logged and reviewed. When you override a DLP policy, Microsoft 365 logs the action along with your justification. Bowdoin IT Security reviews these logs. Only override when it is necessary and consistent with data handling policies. Never email Restricted data — if you must share it, use Teams or OneDrive with restricted access instead.

Additional Help

If you need further assistance, you have several options:

  • Bowdoin Bot: Chat with Bowdoin Bot directly from any KB page for instant answers.
  • Phone: Call the Bowdoin College Service Desk at (207) 725-3030.
  • In person: Visit the Tech Hub in Smith Union during business hours.
  • Submit a ticket: Request assistance through the Service Catalog.

Additional Resources

Details

Details

Article ID: 170603
Created
Wed 1/28/26 12:08 PM
Modified
Mon 5/4/26 10:21 AM

Related Articles

Related Articles (3)

Information Protection Frequently Asked Questions (FAQ's)
Frequently asked questions about Microsoft 365 information protection labels at Bowdoin. Covers what labels are, what the three label types do, how labels affect documents and emails, and whether labels can be removed.
Managing Data Loss Protection (DLP) Alerts
Explains Bowdoin's Data Loss Prevention (DLP) policies in Microsoft 365, what sensitive data DLP detects, what users will see when content is flagged across Outlook, OneDrive, Teams, and Copilot, and how to respond to or override DLP warnings.
Remove Sensitive and Hidden Information from Microsoft 365 Documents and PDFs
Step-by-step guidance for safely redacting sensitive or confidential information from Microsoft 365 documents and PDFs before sharing. Covers using Inspect Document tools to remove hidden metadata, true redaction using Adobe Acrobat Pro, and how to verify that redaction is complete.