Ask Zac
Security & SSO advanced 30 minutes

How to configure data loss prevention (DLP) in Zoom

Learn how to configure data loss prevention (dlp) in zoom. Step-by-step guide for Zoom administrators with prerequisites, detailed instructions, and troubleshooting tips.

Published February 26, 2026

Data Loss Prevention (DLP) in Zoom involves configuring features to prevent sensitive information from leaving your Zoom environment. While Zoom doesn’t have a single, unified “DLP” feature, you achieve similar protection through various settings and tools. This guide outlines configurations related to data retention, redaction, and legal holds that contribute to a robust data loss prevention strategy in Zoom.

Prerequisites

  • A paid Zoom account.
  • Account owner or admin privileges in the Zoom web portal.
  • Understanding of your organization’s data security policies and compliance requirements (e.g., GDPR, HIPAA, PCI DSS).
  • Consideration of the specific types of data you want to protect (e.g., credit card numbers, social security numbers, PHI).

Configure Data Retention Settings for Zoom Contact Center

This section focuses on retaining Contact Center data, including voicemails, recordings, and messages.

  1. Sign in to the Zoom web portal as an administrator.
  2. Navigate to Contact Center Management.
  3. Click Data Retention.
  4. Specify the data retention period (in days, months, or years) for the following data types:
    • Voicemails
    • Recordings
    • Transcriptions
    • Chat/SMS/Email messages/files
  5. Click Save to apply the data retention settings. Ensure the retention periods align with your legal and compliance obligations.
  6. Review settings regularly to ensure they remain accurate.

Redact Personal Data in Zoom Contact Center

Enable automatic redaction of personal data from Contact Center interactions.

  1. Sign in to the Zoom web portal as an administrator.
  2. Navigate to Contact Center Management.
  3. Click Data Redaction.
  4. Toggle the Automatic Data Redaction setting to Enabled.
  5. Review the acknowledgment regarding the limitations of redaction.
  6. Click Save to confirm the change. Note that this feature currently supports redaction in English.
  7. Test redaction by reviewing sample interactions to ensure the feature is functioning correctly.

Configure Data Redaction Settings for Zoom Revenue Accelerator

Protect sensitive data in Zoom Revenue Accelerator conversations.

  1. Sign in to the Zoom web portal as an administrator.
  2. Navigate to Revenue Accelerator.
  3. Click Settings.
  4. Locate the Sensitive Data Redaction section.
  5. Toggle the Sensitive Data Redaction setting to Enabled.
  6. Select the types of data you want to redact (e.g., credit card numbers, social security numbers).
  7. Review the warning about data being permanently masked with asterisks.
  8. Click Save to apply the data redaction settings. Consider informing Revenue Accelerator users about the redaction feature.

Manage Personal and Sensitive Data Group Settings

Mask PII in voicemails, recordings, and SMS messages at various levels.

  1. Sign in to the Zoom web portal as an administrator.
  2. Navigate to Account Management > Account Settings.
  3. Go to the Security section.
  4. Find the Personal and Sensitive Data Group Settings section. You may need to scroll down or use the search function.
  5. Choose the level at which you want to configure the settings (Account, Group, User, Site).
  6. Toggle the Automatic Masking of PII setting to Enabled.
  7. Select the predefined PII types you want to mask.
  8. Click Save to apply the settings. Ensure users are notified about the implementation of PII masking.

Retain Zoom Team Chat data for legal and compliance needs.

  1. Sign in to the Zoom web portal as an administrator.
  2. Navigate to User Management > Users.
  3. Select the user for whom you want to set a legal hold.
  4. Click the Edit button.
  5. In the user’s profile, look for the Legal Hold section (this may be under a “Compliance” or similar tab).
  6. Enable the Legal Hold setting for the user.
  7. Click Save to apply the legal hold. The user’s Team Chat data will be retained indefinitely in the cloud. This data can be exported as needed. Inform the user about the legal hold, if appropriate.

Manage Data & Storage Location

Choose the geographical location for storing certain Zoom data.

  1. Sign in to the Zoom web portal as an administrator.
  2. Navigate to Account Management > Account Settings.
  3. In the Data Storage section, select the region where you want to store your data. Note: this feature is available for paid accounts only.
  4. Choose from the available regions: Australia, Brazil, Canada, Germany, Japan, Singapore, Mexico, Switzerland, or United States.
  5. Click Save to apply the change. Note that for Mexico and Switzerland, you may need to contact Zoom Support to enable this feature.

Common Issues

  • Redaction is not working as expected: Ensure the feature is enabled at the correct level (Account, Group, User) and that the data being redacted is supported by the redaction engine. Check the language setting.
  • Cannot find the Personal and Sensitive Data Group Settings: The settings might be located under a different section in Account Settings or Security. Use the search function within the Zoom web portal.
  • Data retention policies are conflicting: Review all data retention policies across different Zoom products (Contact Center, Team Chat, Meetings) to ensure they are aligned and do not conflict with each other.
  • Legal Hold not applying to past data: Legal Hold typically applies from the moment it is enabled. Consider exporting existing data before enabling Legal Hold if you need to retain a historical record.
  • Data location change errors: If you encounter errors changing data location, ensure your account meets the requirements (paid account) and that you’ve contacted Zoom Support if required for specific regions.

Frequently Asked Questions

What types of data can Zoom's DLP prevent from being shared?

Zoom DLP can be configured to detect and prevent sharing of sensitive information such as credit card numbers, social security numbers, protected health information (PHI), and other custom defined data patterns within meetings, webinars, and chat.

How do I test my DLP configuration to ensure it's working correctly?

After configuring your DLP policies, you can test them by simulating scenarios where sensitive data is shared in a Zoom meeting or chat. Monitor the DLP logs and reporting to confirm that the policies are triggered as expected and the appropriate actions are taken.

Can I customize the actions taken when DLP detects a violation?

Yes, you can customize actions such as blocking the message, warning the user, or logging the incident for further investigation. The specific actions available depend on your Zoom plan and the type of DLP integration you are using.

What reporting and analytics are available for Zoom's DLP features?

Zoom provides reporting and analytics dashboards that allow you to track DLP violations, identify trends, and measure the effectiveness of your policies. These reports can help you refine your DLP strategy and improve data security.

Need help configuring this?

Ask Zac can walk you through the setup step by step, or configure it for you automatically.

Try Ask Zac →