Microsoft is pushing AI from chat into regulated personal data and autonomous desktop execution at the same time, and IT operators need a governance plan for both before either lands in production. Two releases this week—Copilot Health Preview and Copilot Studio’s computer-using agents hitting GA—extend what Microsoft’s platform can touch inside and outside the enterprise. That means endpoint configuration, compliance boundaries, and automation deployment sequencing all get a new surface area.
What changed
Copilot Health is now in preview for US Microsoft 365 subscribers aged 18+. It aggregates wearable data (Apple Health) and medical records from over 50,000 US provider organizations into a single AI interface for personalized health insights. Microsoft isolated this in a dedicated secure environment: health data is encrypted and excluded from AI model training. The service holds ISO/IEC 42001 certification.
Separately, Copilot Studio’s May 2026 update made computer-using agents generally available. These agents interact directly with website and desktop UIs instead of requiring APIs, which means legacy systems that relied on brittle screen-scraping scripts can now be automated through the Copilot platform. The update also shipped a redesigned visual workflow designer, GA agent-to-agent communication, Work IQ REST API support, and real-time voice agents for Dynamics 365 in North America.
Why operators should care
Copilot Health brings regulated personal health information inside the Microsoft 365 tenant boundary. Even though Microsoft walls this data off from model training, admins still need to configure tenant access controls, decide whether to allow Apple Health syncing on managed devices, and prep support desks for consumer-health data inquiries. If a user’s personal Copilot Health data surfaces in a support ticket, your team needs a playbook for that.
The computer-using agents change the automation risk model. When an agent authenticates and clicks through a legacy desktop app using vaulted credentials, it leaves a different audit trail than an API call—or none at all, if you haven’t set up monitoring. This demands updated change management: UI layout changes in a legacy line-of-business app can now break an agent workflow the same way an API version bump breaks an integration. Credential vaulting in Copilot Studio needs to be locked down before any agent touches a production system.
The connection nobody’s talking about
These aren’t two unrelated announcements. Copilot Health proves Microsoft can build compliant, walled-garden workflows around regulated, fragmented data. Computer-using agents prove they can turn platform intelligence into autonomous UI manipulation. Together they point to a near-term scenario where a health insight triggers an unattended workflow: an agent detecting a critical lab result navigates a legacy EMR desktop app, schedules a follow-up using vaulted credentials, and executes the UI clicks—no human in the loop, no API. The governance challenge isn’t theoretical. It’s credential management, audit trail design, and UI-change monitoring for agents that act like authenticated users.
What to do now
Audit your Microsoft 365 tenant settings to restrict Copilot Health preview access to compliant user groups and establish clear support boundaries for personal health data syncing. Inventory your existing script-based legacy automations to identify candidates for replacement with computer-using agents. Configure strict credential vaulting policies in Copilot Studio before deploying any UI-automation agents to production. Update change management procedures to account for agents that authenticate and interact directly with desktop applications—UI updates in legacy systems should trigger agent workflow reviews the same way API changes do. Set up monitoring for agent-to-agent communication and Work IQ REST API calls so you can see what autonomous cross-system actions are actually running.
Sources
- Microsoft Launches Copilot Health Preview in US (Source)
- Microsoft Copilot Studio: Computer-Using Agents GA (Microsoft 365 Blog)
