Overview
Data retention is defined as ‘the policies of persistent data and records management for meeting legal and business data archival requirements’[i]. Most companies today have data retention policies. Data can be expensive to store not only because of the cost of storage, but also because of the potential liability of keeping information for too long. Data retention policies can also limit exposure to security breaches. Data retention policies cover what data should be stored, where it will be stored, and for how long. Once the retention time period for an agreed upon data set expires, it should be purged.
What should a data retention policy include?
A data retention policy should indicate the purpose for retaining information, define the data to be retained, and outline a retention scope. The policy should include detailed data retention requirements such as a general retention schedule, rules for safeguarding data during retention, guidelines for destruction of data, and rules for breach, enforcement, and compliance.
QuestMark’s Retention Policy
QuestMark maintains a retention policy for every active client. QuestMark will review the retention policy with you and your team during onboarding and when policy changes occur. Clients should review, sign and date, and retain a copy of the retention policy.
Questions
For more information, call us at 713-662-9022 to speak with your project manager or complete our online request form.
[i] Data Retention definition from https://en.wikipedia.org/wiki/Data_retention.
