Retention period
The period that datasets are available until they can or must be deleted.
- •Compliance with legal, regulatory, and business requirements for data archival and disposal.
- •Availability of historical data for long-term analysis, audits, or legal discovery.
- •Optimized storage costs by disposing of data that is no longer needed.
- •Reduced risk associated with holding outdated or irrelevant sensitive data.
- •Non-compliance with data retention laws, leading to fines or legal action (e.g., keeping data too long or deleting too soon).
- •Inability to access critical historical data for business analysis, legal defense, or regulatory audits.
- •Excessive storage costs for keeping unnecessary data indefinitely.
- •Increased privacy or security risks from retaining sensitive data beyond its useful or legally mandated life.
Duration
Logistics: A clear data retention policy, aligned with legal and business requirements, defines how long different types of data (e.g., operational logs, personnel records, contracts) must be kept and when they should be securely disposed of.
Healthcare: Electronic Health Records are retained for the patient's lifetime plus a legally mandated period post-mortem, in compliance with regulations.
E-commerce: A data lifecycle management policy specifies that anonymized customer transaction data is archived after 5 years and fully deleted after 10 years, balancing analytical needs with privacy considerations.
Logistics: Financial records related to shipping transactions are deleted after only one year, violating legal retention requirements which mandate 7 years.
Healthcare: Patient medical records are purged too soon, potentially impacting long-term patient care or legal inquiries.
E-commerce: Customer order history is kept indefinitely without a clear policy, increasing storage costs and potential privacy risks over time.