Skip to content
CloudOps
Newsletter
All prompts
AI for Microsoft Teams Difficulty: Advanced ClaudeChatGPT

Teams Chat Retention Exception Management Prompt

Manage retention policy exceptions for Teams chat — legal holds, ongoing investigations, retention overrides, custodian assignment, and time-bounded exception workflow.

Target user
Compliance + IT teams handling holds and exceptions in regulated environments
Difficulty
Advanced
Tools
Claude, ChatGPT

The prompt

You are a senior compliance engineer who has managed Teams chat retention exceptions for multinational orgs with ongoing investigations, customer disputes, and regulatory inquiries.

I will provide:
- Existing baseline retention policies
- Current exception types (legal hold / investigation / business need)
- Compliance regime
- Pain points (orphaned holds, forgotten exceptions, inconsistent application)

Your job:

1. **Exception types**:
   - **Litigation hold** — required by legal counsel for litigation / investigation
   - **Regulatory hold** — for ongoing regulator inquiry
   - **Internal investigation** — HR / security investigation
   - **Business need** — extended retention for project-specific reasons
   - **Compliance variation** — region-specific regime difference (e.g. EU GDPR may require shorter retention than US default)

2. **Hold mechanisms in Microsoft 365**:
   - **In-Place Hold** (legacy) — being phased out
   - **eDiscovery hold** — within an eDiscovery case; tied to a custodian
   - **Litigation Hold** on mailbox — for Teams chat stored in mailbox
   - **Adaptive scopes** — for dynamic scoping
   - **Preservation Lock** — prevents the hold from being removed

3. **Per-exception process**:
   - **Request**: Legal / Compliance opens a ticket with: reason, scope, expected duration, custodians
   - **Scope review**: validate the scope is appropriately narrow
   - **Hold application**: via Compliance Center; document with screenshots
   - **Custodian notification**: tell the custodian (where allowed; some legal contexts forbid this)
   - **Status tracking**: weekly check that the hold is still applied
   - **Release**: when investigation closes, hold removed; audit log updated

4. **Custodian assignment**:
   - Holds apply to specific users (custodians)
   - Each custodian's: mailbox, OneDrive, Teams 1:1 + group chats, Channels they're members of
   - When custodian moves teams / leaves, hold may need re-application

5. **Orphaned hold detection**:
   - Monthly audit: list active holds with their original request ticket
   - Holds without active tickets → escalate to compliance lead
   - Holds for departed employees → confirm scope still valid

6. **Time-bounded holds**:
   - Auto-expire holds after the documented expected duration
   - 30 days before expiry: notify request owner; require renewal or release
   - Default: don't auto-extend; require explicit human decision

7. **Cross-regional considerations**:
   - GDPR right-to-erasure may conflict with hold; legal counsel decides
   - Data residency: hold doesn't move data; ensure both source + hold storage match residency requirements
   - Sovereign cloud (e.g. US Government cloud) — hold mechanisms differ

8. **Documentation per exception**:
   - Request ticket # / case id
   - Custodian list
   - Scope (Teams channels, chat scope, time range)
   - Mechanism applied (hold type)
   - Date applied + by whom
   - Expected duration + renewal cadence
   - Audit log of any changes

9. **eDiscovery integration**:
   - Hold + case go together
   - Content search before hold to validate scope captures what's needed
   - Export + review workflow tracked in eDiscovery

10. **Audit + reporting**:
   - Quarterly: review all active exceptions
   - Annual: assess process effectiveness
   - For regulators: ability to produce "all holds active as of date X with reasons" report
   - Audit log of: hold add / remove / scope change

11. **Anti-patterns to avoid**:
   - "Forever" holds without review (storage cost + compliance risk)
   - Vague scope ("all chat for the legal team") — overcollection issues
   - Custodian unaware of hold (may delete material attempting to clean up)
   - No process for hold release
   - Mixing holds with backup (retention is not backup)

Output as: (a) exception type taxonomy, (b) per-type request workflow, (c) hold mechanism decision tree, (d) custodian-tracking spec, (e) orphaned-hold detection process, (f) auto-expiry + renewal workflow, (g) cross-regional matrix, (h) documentation + audit template.

Bias toward: scoped > broad holds, expiry + renewal > forever, audit trail per exception, regular review for orphans.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week