In compliance with healthcare regulations, your organization must ensure that no Personally Identifiable Information (PII) related to patients, such as medical record numbers, is inadvertently shared via email. How should you configure Gmail's DLP to enforce this governance policy?