{"id":237371,"date":"2026-01-28T07:35:17","date_gmt":"2026-01-28T07:35:17","guid":{"rendered":"https:\/\/osmosys.co\/uk\/?p=237371"},"modified":"2026-01-28T07:35:21","modified_gmt":"2026-01-28T07:35:21","slug":"trust-by-a-data-governance-microsoft-purview-ai","status":"publish","type":"post","link":"https:\/\/osmosys.co\/uk\/trust-by-a-data-governance-microsoft-purview-ai\/","title":{"rendered":"Trust by Design: Data Governance for Cloud + AI"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div>\n<p>If your teams don\u2019t trust the data, they won\u2019t use it. And if they can\u2019t use it, cloud modernization turns into \u201cnew infrastructure, same confusion.\u201d<\/p>\n\n\n\n<p><a href=\"https:\/\/osmosys.co\/blog\/ai-first-copilot-adoption-real-world\/\">This becomes even more visible when <strong>AI<\/strong> enters the conversation<\/a>. Copilots, analytics, and automation don\u2019t fix messy ownership, unclear definitions, or uncontrolled access. They amplify whatever foundation you already have.<\/p>\n\n\n\n<p>The motivation isn\u2019t abstract. IBM\u2019s Cost of a Data Breach Report pegs the global average breach cost in the <strong>millions of USD per incident<\/strong>, which is enough to make \u201cgovernance later\u201d a business risk\u2014not an IT preference.<\/p>\n\n\n\n<p>This post is a practical guide to building governed, trustworthy data foundations using <strong>Microsoft Purview<\/strong>, with a step-by-step framework, a healthcare migration scenario, and a checklist you can apply to your next Azure or Dynamics 365 program. (This is not legal advice\u2014treat compliance notes as high-level guidance and validate with your legal\/security teams.)<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Why data governance is the backbone of cloud modernization (and AI readiness)<\/h2>\n\n\n\n<p>Most cloud programs don\u2019t fail because teams can\u2019t move data. They struggle because teams can\u2019t answer basic questions consistently:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>What is the \u201cright\u201d customer record?<\/li>\n\n\n\n<li>Which datasets contain sensitive personal information?<\/li>\n\n\n\n<li>Who owns the data product\u2014and who approves access?<\/li>\n\n\n\n<li>Can we prove where a number came from (lineage) when a leader challenges it?<\/li>\n<\/ul>\n\n\n\n<p>Governance is how you make those answers repeatable.<\/p>\n\n\n\n<p>A governed data foundation helps you:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Reduce rework<\/strong> caused by inconsistent definitions and duplicated datasets<\/li>\n\n\n\n<li><strong>Improve decision confidence<\/strong> by clarifying lineage and ownership<\/li>\n\n\n\n<li><strong>Control risk<\/strong> through classification, access policies, and auditing<\/li>\n\n\n\n<li><strong>Scale responsibly<\/strong> across regions, business units, and platforms<\/li>\n<\/ul>\n\n\n\n<p>Microsoft frames Purview\u2019s governance capabilities around visibility, confidence, and responsible innovation\u2014especially relevant as organizations build for the era of AI.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What Microsoft Purview does in a modern data governance setup<\/h2>\n\n\n\n<p>Microsoft Purview is often introduced as \u201cdata cataloging.\u201d In practice, it\u2019s a governance layer that helps you inventory data, understand it, classify it, and manage how it\u2019s accessed and used\u2014across a heterogeneous estate.<\/p>\n\n\n\n<p>Key capabilities to understand (and how they map to real delivery work):<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) Data discovery + inventory (know what exists)<\/h3>\n\n\n\n<p>You can\u2019t govern what you can\u2019t see. A real program starts with building an inventory of data assets and their metadata\u2014across sources.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2) Catalog + business context (make it usable)<\/h3>\n\n\n\n<p>A catalog isn\u2019t valuable because it exists\u2014it\u2019s valuable because people can find the right dataset, understand what it means, and know whether they\u2019re allowed to use it.<\/p>\n\n\n\n<p>Microsoft\u2019s newer Purview <strong>Unified Catalog<\/strong> experience emphasizes governance domains, critical data elements, and policy-driven access\u2014designed for scaling governance in large environments.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3) Lineage (prove where data came from)<\/h3>\n\n\n\n<p>When leaders challenge a number, \u201ctrust me\u201d doesn\u2019t work. Lineage helps teams show how data moved and transformed\u2014supporting both operational confidence and auditability.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4) Classification + compliance signals (treat sensitive data differently)<\/h3>\n\n\n\n<p>Purview supports understanding and governing sensitive data types so your controls match the risk profile\u2014especially important for regulated data and cross-region operations.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">5) Access policies + right-use controls (balance safety and self-service)<\/h3>\n\n\n\n<p>Governance that blocks work creates shadow systems. Governance that enables safe self-service is what scales. Purview\u2019s access-policy direction is explicitly designed to pair access with right-use requirements.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">A practical framework: \u201cTrust by Design\u201d in 6 steps<\/h2>\n\n\n\n<p>This is the version of governance that holds up in real cloud projects\u2014not a document-heavy effort that teams ignore.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Define the trust scope (what \u201cmust be governed\u201d)<\/h3>\n\n\n\n<p>Start by identifying:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Critical data elements<\/strong> (e.g., Customer, Patient, Asset, Contract, Incident)<\/li>\n\n\n\n<li>The top 5\u201310 <strong>decisions<\/strong> leaders make that depend on those elements<\/li>\n\n\n\n<li>The systems involved (Dynamics 365, data lake, ERP, support tools, spreadsheets)<\/li>\n<\/ul>\n\n\n\n<p>Outcome: a short list of \u201cdata that matters,\u201d not an impossible mandate to govern everything.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Set governance roles that match delivery reality<\/h3>\n\n\n\n<p>Governance fails when ownership is vague. Assign:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Data owner<\/strong> (accountable for policy and definition)<\/li>\n\n\n\n<li><strong>Data steward<\/strong> (maintains metadata, quality rules, glossary)<\/li>\n\n\n\n<li><strong>Platform owner<\/strong> (security, infrastructure, and access enforcement)<\/li>\n\n\n\n<li><strong>Consumers<\/strong> (teams who use data and request changes)<\/li>\n<\/ul>\n\n\n\n<p>Keep it practical: if you can\u2019t name the owner, the dataset is not production-ready.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Build the catalog around how teams search (not how IT stores)<\/h3>\n\n\n\n<p>Organize by business-aligned domains (finance, sales, operations, clinical, etc.). The goal is discoverability:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Clear dataset names<\/li>\n\n\n\n<li>Plain-language descriptions<\/li>\n\n\n\n<li>Data freshness expectations<\/li>\n\n\n\n<li>\u201cKnown limitations\u201d and intended usage<\/li>\n<\/ul>\n\n\n\n<p>Purview\u2019s governance-domain concept supports this style of scaling.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Classify sensitive data early (so controls aren\u2019t an afterthought)<\/h3>\n\n\n\n<p>Do this before you open broad access:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Identify personal, financial, and health-related fields<\/li>\n\n\n\n<li>Define handling rules (masking, restricted access, retention)<\/li>\n\n\n\n<li>Separate non-sensitive analytics datasets from raw sensitive data where appropriate<\/li>\n<\/ul>\n\n\n\n<p>This is where teams often get stuck because they discover sensitive fields <em>after<\/em> dashboards are built.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Implement access as a workflow (fast, auditable, and consistent)<\/h3>\n\n\n\n<p>A good pattern is:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Standard access request path<\/li>\n\n\n\n<li>Clear approval rules tied to owners and purpose<\/li>\n\n\n\n<li>Time-bound access where appropriate<\/li>\n\n\n\n<li>Audit logging for who accessed what and when<\/li>\n<\/ul>\n\n\n\n<p>Purview\u2019s direction here is to balance self-service with enforcement and compliance context.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Operationalize governance (treat it like a product, not a project)<\/h3>\n\n\n\n<p>Governance isn\u2019t a one-time setup. Put it on a cadence:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Monthly stewardship review (quality + definitions)<\/li>\n\n\n\n<li>Quarterly policy review (access + compliance changes)<\/li>\n\n\n\n<li>Incident loop (when a data issue happens, fix the root cause and update rules)<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Example scenario: a healthcare cloud migration that doesn\u2019t break trust<\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" data-src=\"https:\/\/osmosys.co\/wp-content\/uploads\/2026\/01\/2-2.png\" alt=\"AI workflow architecture for Microsoft Copilot with permissions-aware grounding, Microsoft Purview governance, and auditable access.\" class=\"wp-image-239666 lazyload\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><\/figure>\n\n\n\n<p>Imagine a healthcare provider modernizing case management and analytics:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Clinical and service teams use Dynamics 365 for workflows<\/li>\n\n\n\n<li>Data is consolidated into Azure for reporting and operational insights<\/li>\n\n\n\n<li>The organization must protect patient information under HIPAA requirements<\/li>\n<\/ul>\n\n\n\n<p>HIPAA\u2019s Privacy Rule is designed to protect individually identifiable health information, and covered entities must be deliberate about how that data is used and disclosed.<\/p>\n\n\n\n<p>In a \u201ctrust by design\u201d migration, the program would:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Classify patient data fields early and restrict access by role and purpose<\/li>\n\n\n\n<li>Catalog approved datasets so teams don\u2019t export sensitive data into uncontrolled spreadsheets<\/li>\n\n\n\n<li>Use lineage and stewardship to explain what a metric means (and how it was calculated)<\/li>\n\n\n\n<li>Put access requests on a defined workflow so audits don\u2019t become a scramble<\/li>\n<\/ul>\n\n\n\n<p>The result isn\u2019t just \u201ccompliance.\u201d It\u2019s confidence: teams can move faster because they aren\u2019t guessing which dataset is safe to use.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The 10 must-haves checklist (asset)<\/h2>\n\n\n\n<p><strong>Asset:<\/strong> <em>10 Data Governance Must-Haves in Cloud Projects<\/em> (turn this into a one-page PDF\/infographic for the post)<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Named owners for critical datasets<\/li>\n\n\n\n<li>Business glossary for key terms (Customer, Revenue, Case, etc.)<\/li>\n\n\n\n<li>Governance domains aligned to how the business operates<\/li>\n\n\n\n<li>Catalog coverage for priority systems (not everything, but what matters)<\/li>\n\n\n\n<li>Data classification for sensitive fields<\/li>\n\n\n\n<li>Access workflows with approvals and audit trails<\/li>\n\n\n\n<li>Lineage for executive-facing dashboards\/metrics<\/li>\n\n\n\n<li>Quality rules + thresholds for trusted datasets<\/li>\n\n\n\n<li>Regular stewardship cadence (monthly\/quarterly)<\/li>\n\n\n\n<li>A feedback loop: how issues get reported, fixed, and prevented<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Region angle: what changes across ANZ, US, and Canada<\/h2>\n\n\n\n<p>If you operate across regions, governance has to support multiple privacy expectations\u2014without building three separate platforms.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Australia (ANZ):<\/strong> The Australian Privacy Principles (APPs) are a core part of the Privacy Act framework.<\/li>\n\n\n\n<li><strong>United States:<\/strong> Privacy expectations vary by state; California\u2019s CCPA is a widely-referenced baseline for consumer privacy rights.<\/li>\n\n\n\n<li><strong>Canada:<\/strong> PIPEDA is the federal private-sector privacy law\u2014relevant for organizations handling personal information in commercial activities.<\/li>\n<\/ul>\n\n\n\n<p>For global companies (including those in Canada and ANZ serving EU residents), GDPR may also be in scope depending on where data subjects are and how processing occurs.<\/p>\n\n\n\n<p>The practical takeaway: design governance so policies, classification, and auditing are consistent\u2014then adapt controls where regional requirements differ.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Common pitfalls (and how to avoid them)<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Pitfall 1: Treating governance as documentation<\/h3>\n\n\n\n<p>If it lives only in a slide deck, it won\u2019t survive delivery pressure. Build governance into workflows: access, ownership, and publishing.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pitfall 2: Tool-first thinking<\/h3>\n\n\n\n<p>Microsoft Purview is an enabler, not the strategy. Start with decisions, data products, and ownership\u2014then configure tools to support that reality.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pitfall 3: Over-restricting access (creating shadow systems)<\/h3>\n\n\n\n<p>If approvals take weeks, teams will export data elsewhere. Use safe self-service patterns with auditability.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pitfall 4: Ignoring AI readiness<\/h3>\n\n\n\n<p>If your goal includes copilots or automation, governance needs to define what data is approved for those workflows and what needs redaction, masking, or tighter controls.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Implementation success metrics (what to measure)<\/h2>\n\n\n\n<p>Keep metrics simple and outcome-linked:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>% of priority datasets with named owner + steward<\/li>\n\n\n\n<li>Median time to approve\/deny data access requests<\/li>\n\n\n\n<li>% of executive dashboards with lineage documented<\/li>\n\n\n\n<li>Reduction in duplicate datasets for the same business concept<\/li>\n\n\n\n<li>Data quality incidents per month (and time to resolution)<\/li>\n\n\n\n<li>Adoption: catalog searches, dataset subscriptions, approved usage growth<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" data-src=\"https:\/\/osmosys.co\/wp-content\/uploads\/2026\/01\/3-2.png\" alt=\"AI-enabled Copilot integration diagram connecting users to Dynamics 365 CRM, Dataverse, and cloud data through policy-based governance.\" class=\"wp-image-239667 lazyload\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Modernization that earns trust<\/h2>\n\n\n\n<p>Cloud projects move faster when the foundation is trusted. Governance isn\u2019t bureaucracy\u2014it\u2019s how you make data usable, secure, and explainable across teams and regions.<\/p>\n\n\n\n<p>And if <strong>AI<\/strong> is on your roadmap, this matters even more. The organizations that get value from copilots and automation usually have one thing in common: they know what data they have, who owns it, and how it\u2019s allowed to be used.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/osmosys.co\/book-a-demo-2\/\"><img decoding=\"async\" data-src=\"https:\/\/osmosys.co\/wp-content\/uploads\/2026\/01\/4.png\" alt=\"AI Copilot enterprise architecture diagram highlighting data governance, identity access controls, and trusted outputs across business workflows.\" class=\"wp-image-239668 lazyload\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><\/a><\/figure>\n\n\n\n<p>Book a <strong>Data Governance Consultation<\/strong> with Osmosys\u2014get a practical maturity assessment and a roadmap you can execute in the next 90 days.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">FAQs<\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1769498386613\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \">What is Microsoft Purview used for?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Microsoft Purview helps organizations govern and secure data by improving visibility, cataloging, compliance support, and policy-driven controls across data estates.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1769498397696\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \">Do small teams need data governance?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes\u2014especially if you\u2019re migrating to cloud, building executive dashboards, or introducing automation. Start small with critical data elements and clear ownership, then scale.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1769498415629\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \">How does governance support AI initiatives?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>AI depends on trusted, well-defined, appropriately controlled data. Governance clarifies what data is approved for use, who owns it, and how it should be accessed and monitored.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1769498440312\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \">What regulations should ANZ, US, and Canada teams consider?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Common reference points include Australia\u2019s APPs, California\u2019s CCPA, and Canada\u2019s PIPEDA. Applicability depends on your operations and where your customers\/data subjects are.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n\n\n","protected":false},"excerpt":{"rendered":"<p>If your teams don\u2019t trust the data, they won\u2019t use it. And if they can\u2019t use it, cloud modernization turns into \u201cnew infrastructure, same confusion.\u201d This becomes even more visible when AI enters the conversation. Copilots, analytics, and automation don\u2019t fix messy ownership, unclear definitions, or uncontrolled access. They amplify whatever foundation you already have. [&hellip;]<\/p>\n","protected":false},"author":44,"featured_media":237372,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"off","_et_pb_old_content":"<!-- wp:paragraph -->\n<p>If your teams don\u2019t trust the data, they won\u2019t use it. And if they can\u2019t use it, cloud modernization turns into \u201cnew infrastructure, same confusion.\u201d<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>This becomes even more visible when <strong>AI<\/strong> enters the conversation. Copilots, analytics, and automation don\u2019t fix messy ownership, unclear definitions, or uncontrolled access. They amplify whatever foundation you already have.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>The motivation isn\u2019t abstract. IBM\u2019s Cost of a Data Breach Report pegs the global average breach cost in the <strong>millions of USD per incident<\/strong>, which is enough to make \u201cgovernance later\u201d a business risk\u2014not an IT preference.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>This post is a practical guide to building governed, trustworthy data foundations using <strong>Microsoft Purview<\/strong>, with a step-by-step framework, a healthcare migration scenario, and a checklist you can apply to your next Azure or Dynamics 365 program. (This is not legal advice\u2014treat compliance notes as high-level guidance and validate with your legal\/security teams.)<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">Why data governance is the backbone of cloud modernization (and AI readiness)<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Most cloud programs don\u2019t fail because teams can\u2019t move data. They struggle because teams can\u2019t answer basic questions consistently:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>What is the \u201cright\u201d customer record?<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Which datasets contain sensitive personal information?<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Who owns the data product\u2014and who approves access?<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Can we prove where a number came from (lineage) when a leader challenges it?<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>Governance is how you make those answers repeatable.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>A governed data foundation helps you:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li><strong>Reduce rework<\/strong> caused by inconsistent definitions and duplicated datasets<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li><strong>Improve decision confidence<\/strong> by clarifying lineage and ownership<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li><strong>Control risk<\/strong> through classification, access policies, and auditing<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li><strong>Scale responsibly<\/strong> across regions, business units, and platforms<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>Microsoft frames Purview\u2019s governance capabilities around visibility, confidence, and responsible innovation\u2014especially relevant as organizations build for the era of AI.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">What Microsoft Purview does in a modern data governance setup<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Microsoft Purview is often introduced as \u201cdata cataloging.\u201d In practice, it\u2019s a governance layer that helps you inventory data, understand it, classify it, and manage how it\u2019s accessed and used\u2014across a heterogeneous estate.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>Key capabilities to understand (and how they map to real delivery work):<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">1) Data discovery + inventory (know what exists)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>You can\u2019t govern what you can\u2019t see. A real program starts with building an inventory of data assets and their metadata\u2014across sources.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">2) Catalog + business context (make it usable)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>A catalog isn\u2019t valuable because it exists\u2014it\u2019s valuable because people can find the right dataset, understand what it means, and know whether they\u2019re allowed to use it.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>Microsoft\u2019s newer Purview <strong>Unified Catalog<\/strong> experience emphasizes governance domains, critical data elements, and policy-driven access\u2014designed for scaling governance in large environments.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">3) Lineage (prove where data came from)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>When leaders challenge a number, \u201ctrust me\u201d doesn\u2019t work. Lineage helps teams show how data moved and transformed\u2014supporting both operational confidence and auditability.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">4) Classification + compliance signals (treat sensitive data differently)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Purview supports understanding and governing sensitive data types so your controls match the risk profile\u2014especially important for regulated data and cross-region operations.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">5) Access policies + right-use controls (balance safety and self-service)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Governance that blocks work creates shadow systems. Governance that enables safe self-service is what scales. Purview\u2019s access-policy direction is explicitly designed to pair access with right-use requirements.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">A practical framework: \u201cTrust by Design\u201d in 6 steps<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>This is the version of governance that holds up in real cloud projects\u2014not a document-heavy effort that teams ignore.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Step 1: Define the trust scope (what \u201cmust be governed\u201d)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Start by identifying:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li><strong>Critical data elements<\/strong> (e.g., Customer, Patient, Asset, Contract, Incident)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>The top 5\u201310 <strong>decisions<\/strong> leaders make that depend on those elements<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>The systems involved (Dynamics 365, data lake, ERP, support tools, spreadsheets)<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>Outcome: a short list of \u201cdata that matters,\u201d not an impossible mandate to govern everything.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Step 2: Set governance roles that match delivery reality<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Governance fails when ownership is vague. Assign:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li><strong>Data owner<\/strong> (accountable for policy and definition)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li><strong>Data steward<\/strong> (maintains metadata, quality rules, glossary)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li><strong>Platform owner<\/strong> (security, infrastructure, and access enforcement)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li><strong>Consumers<\/strong> (teams who use data and request changes)<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>Keep it practical: if you can\u2019t name the owner, the dataset is not production-ready.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Step 3: Build the catalog around how teams search (not how IT stores)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Organize by business-aligned domains (finance, sales, operations, clinical, etc.). The goal is discoverability:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>Clear dataset names<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Plain-language descriptions<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Data freshness expectations<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>\u201cKnown limitations\u201d and intended usage<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>Purview\u2019s governance-domain concept supports this style of scaling.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Step 4: Classify sensitive data early (so controls aren\u2019t an afterthought)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Do this before you open broad access:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>Identify personal, financial, and health-related fields<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Define handling rules (masking, restricted access, retention)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Separate non-sensitive analytics datasets from raw sensitive data where appropriate<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>This is where teams often get stuck because they discover sensitive fields <em>after<\/em> dashboards are built.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Step 5: Implement access as a workflow (fast, auditable, and consistent)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>A good pattern is:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>Standard access request path<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Clear approval rules tied to owners and purpose<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Time-bound access where appropriate<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Audit logging for who accessed what and when<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>Purview\u2019s direction here is to balance self-service with enforcement and compliance context.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Step 6: Operationalize governance (treat it like a product, not a project)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Governance isn\u2019t a one-time setup. Put it on a cadence:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>Monthly stewardship review (quality + definitions)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Quarterly policy review (access + compliance changes)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Incident loop (when a data issue happens, fix the root cause and update rules)<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">Example scenario: a healthcare cloud migration that doesn\u2019t break trust<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Imagine a healthcare provider modernizing case management and analytics:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>Clinical and service teams use Dynamics 365 for workflows<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Data is consolidated into Azure for reporting and operational insights<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>The organization must protect patient information under HIPAA requirements<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>HIPAA\u2019s Privacy Rule is designed to protect individually identifiable health information, and covered entities must be deliberate about how that data is used and disclosed.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>In a \u201ctrust by design\u201d migration, the program would:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>Classify patient data fields early and restrict access by role and purpose<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Catalog approved datasets so teams don\u2019t export sensitive data into uncontrolled spreadsheets<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Use lineage and stewardship to explain what a metric means (and how it was calculated)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Put access requests on a defined workflow so audits don\u2019t become a scramble<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>The result isn\u2019t just \u201ccompliance.\u201d It\u2019s confidence: teams can move faster because they aren\u2019t guessing which dataset is safe to use.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">The 10 must-haves checklist (asset)<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p><strong>Asset:<\/strong> <em>10 Data Governance Must-Haves in Cloud Projects<\/em> (turn this into a one-page PDF\/infographic for the post)<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list {\"ordered\":true} -->\n<ol class=\"wp-block-list\"><!-- wp:list-item -->\n<li>Named owners for critical datasets<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Business glossary for key terms (Customer, Revenue, Case, etc.)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Governance domains aligned to how the business operates<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Catalog coverage for priority systems (not everything, but what matters)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Data classification for sensitive fields<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Access workflows with approvals and audit trails<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Lineage for executive-facing dashboards\/metrics<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Quality rules + thresholds for trusted datasets<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Regular stewardship cadence (monthly\/quarterly)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>A feedback loop: how issues get reported, fixed, and prevented<\/li>\n<!-- \/wp:list-item --><\/ol>\n<!-- \/wp:list -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">Region angle: what changes across ANZ, US, and Canada<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>If you operate across regions, governance has to support multiple privacy expectations\u2014without building three separate platforms.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li><strong>Australia (ANZ):<\/strong> The Australian Privacy Principles (APPs) are a core part of the Privacy Act framework.<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li><strong>United States:<\/strong> Privacy expectations vary by state; California\u2019s CCPA is a widely-referenced baseline for consumer privacy rights.<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li><strong>Canada:<\/strong> PIPEDA is the federal private-sector privacy law\u2014relevant for organizations handling personal information in commercial activities.<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:paragraph -->\n<p>For global companies (including those in Canada and ANZ serving EU residents), GDPR may also be in scope depending on where data subjects are and how processing occurs.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>The practical takeaway: design governance so policies, classification, and auditing are consistent\u2014then adapt controls where regional requirements differ.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">Common pitfalls (and how to avoid them)<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Pitfall 1: Treating governance as documentation<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>If it lives only in a slide deck, it won\u2019t survive delivery pressure. Build governance into workflows: access, ownership, and publishing.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Pitfall 2: Tool-first thinking<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Microsoft Purview is an enabler, not the strategy. Start with decisions, data products, and ownership\u2014then configure tools to support that reality.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Pitfall 3: Over-restricting access (creating shadow systems)<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>If approvals take weeks, teams will export data elsewhere. Use safe self-service patterns with auditability.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\">Pitfall 4: Ignoring AI readiness<\/h3>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>If your goal includes copilots or automation, governance needs to define what data is approved for those workflows and what needs redaction, masking, or tighter controls.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">Implementation success metrics (what to measure)<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Keep metrics simple and outcome-linked:<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>% of priority datasets with named owner + steward<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Median time to approve\/deny data access requests<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>% of executive dashboards with lineage documented<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Reduction in duplicate datasets for the same business concept<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Data quality incidents per month (and time to resolution)<\/li>\n<!-- \/wp:list-item -->\n\n<!-- wp:list-item -->\n<li>Adoption: catalog searches, dataset subscriptions, approved usage growth<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list -->\n\n<!-- wp:image -->\n<figure class=\"wp-block-image\"><img alt=\"\"\/><\/figure>\n<!-- \/wp:image -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">Modernization that earns trust<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:paragraph -->\n<p>Cloud projects move faster when the foundation is trusted. Governance isn\u2019t bureaucracy\u2014it\u2019s how you make data usable, secure, and explainable across teams and regions.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>And if <strong>AI<\/strong> is on your roadmap, this matters even more. The organizations that get value from copilots and automation usually have one thing in common: they know what data they have, who owns it, and how it\u2019s allowed to be used.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p><strong>CTA:<\/strong> Book a <strong>Data Governance Consultation<\/strong> with Osmosys\u2014get a practical maturity assessment and a roadmap you can execute in the next 90 days.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:separator -->\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<!-- \/wp:separator -->\n\n<!-- wp:heading -->\n<h2 class=\"wp-block-heading\">FAQs<\/h2>\n<!-- \/wp:heading -->\n\n<!-- wp:rank-math\/faq-block {\"questions\":[{\"id\":\"faq-question-1769498386613\",\"title\":\"What is Microsoft Purview used for?\",\"content\":\"Microsoft Purview helps organizations govern and secure data by improving visibility, cataloging, compliance support, and policy-driven controls across data estates.\",\"visible\":true},{\"id\":\"faq-question-1769498397696\",\"title\":\"Do small teams need data governance?\",\"content\":\"Yes\u2014especially if you\u2019re migrating to cloud, building executive dashboards, or introducing automation. Start small with critical data elements and clear ownership, then scale.\",\"visible\":true},{\"id\":\"faq-question-1769498415629\",\"title\":\"How does governance support AI initiatives?\",\"content\":\"AI depends on trusted, well-defined, appropriately controlled data. Governance clarifies what data is approved for use, who owns it, and how it should be accessed and monitored.\",\"visible\":true},{\"id\":\"faq-question-1769498440312\",\"title\":\"What regulations should ANZ, US, and Canada teams consider?\",\"content\":\"Common reference points include Australia\u2019s APPs, California\u2019s CCPA, and Canada\u2019s PIPEDA. Applicability depends on your operations and where your customers\/data subjects are.\",\"visible\":true}]} -->\n<div class=\"wp-block-rank-math-faq-block\"><div class=\"rank-math-faq-item\"><h3 class=\"rank-math-question\">What is Microsoft Purview used for?<\/h3><div class=\"rank-math-answer\">Microsoft Purview helps organizations govern and secure data by improving visibility, cataloging, compliance support, and policy-driven controls across data estates.<\/div><\/div><div class=\"rank-math-faq-item\"><h3 class=\"rank-math-question\">Do small teams need data governance?<\/h3><div class=\"rank-math-answer\">Yes\u2014especially if you\u2019re migrating to cloud, building executive dashboards, or introducing automation. Start small with critical data elements and clear ownership, then scale.<\/div><\/div><div class=\"rank-math-faq-item\"><h3 class=\"rank-math-question\">How does governance support AI initiatives?<\/h3><div class=\"rank-math-answer\">AI depends on trusted, well-defined, appropriately controlled data. Governance clarifies what data is approved for use, who owns it, and how it should be accessed and monitored.<\/div><\/div><div class=\"rank-math-faq-item\"><h3 class=\"rank-math-question\">What regulations should ANZ, US, and Canada teams consider?<\/h3><div class=\"rank-math-answer\">Common reference points include Australia\u2019s APPs, California\u2019s CCPA, and Canada\u2019s PIPEDA. Applicability depends on your operations and where your customers\/data subjects are.<\/div><\/div><\/div>\n<!-- \/wp:rank-math\/faq-block -->\n\n<!-- wp:heading {\"level\":3} -->\n<h3 class=\"wp-block-heading\"><\/h3>\n<!-- \/wp:heading -->","_et_gb_content_width":"","_lmt_disableupdate":"","_lmt_disable":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[75,135],"tags":[58,140,51],"class_list":["post-237371","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai","category-azure","tag-ai","tag-azure","tag-copilot-ai"],"modified_by":"mounika","jetpack_featured_media_url":"https:\/\/osmosys.co\/uk\/wp-content\/uploads\/sites\/6\/2026\/01\/1-2.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/posts\/237371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/comments?post=237371"}],"version-history":[{"count":1,"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/posts\/237371\/revisions"}],"predecessor-version":[{"id":237373,"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/posts\/237371\/revisions\/237373"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/media\/237372"}],"wp:attachment":[{"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/media?parent=237371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/categories?post=237371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/osmosys.co\/uk\/wp-json\/wp\/v2\/tags?post=237371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}