A Retention Policy in Plain Logic: Keep, Then Delete
If we never decide when data dies, it will haunt us forever. We propose a simple, human-readable retention strategy that clears the digital clutter.
The Attic of the Firm
Imagine if you kept every piece of paper that ever entered your office. Every receipt, every draft, every post-it note. Your office would be a fire hazard. It would be impossible to navigate.
Yet, this is exactly what we do with our servers.
We operate on a default setting of “Keep Forever.” We are afraid to delete. We think that deleting is losing value.
This is a mistake.
Data has a lifecycle. It is born when a client engages us. It lives while we work. And it must die when the work is done. If you disrupt this cycle, you create a zombie archive—dead data that walks among the living, consuming resources and inviting risk.
The Liability: The Haunting
The danger of “Forever Storage” is that you forget what you have.
I recently saw a firm hacked. The attackers didn’t just steal the current active files; they stole a backup from eight years ago containing the financial details of people who had long since ceased to be clients.
The firm had to call these people. “Hello, remember us? We haven’t spoken in a decade, but we just lost your passport scan.”
Voilà, the reputation is destroyed.
You are liable for every record you hold. If you hold it for no reason, you are holding risk for no reward. That is bad business.
The Safeguard: The Plain-Language Schedule
We do not need a complex legal retention policy that no one reads. We need a simple table that the team can actually follow.
We call it The Keep/Delete Protocol.
| Data Type | The Trigger | The Action |
|---|---|---|
| Prospect Emails | No reply for 6 months | Delete |
| Client Work Files | Project Closed + 3 Years | Delete |
| Financial Records | Tax Audit Period (7 Years) | Delete |
| Sensitive IDs (Passport) | Verification Complete | Delete Immediately |
Print this out. Stick it on the wall.
When the trigger happens, the action must follow. It is not emotional; it is procedural.
There is a profound elegance in a clean database. It means you are agile. It means you are current. And it means that when you say to a client, “Your data is safe with us,” you are telling the truth—because you are not leaving it to rot in a forgotten digital attic.
Clean your house.
FAQs
But storage is cheap, why not keep it all?
Because lawyers are expensive. The cost of data is not the hard drive; it is the risk attached to every byte.
What if a client asks for an old file?
You tell them: 'For your security, we destroy records 3 years after project closure.' They will respect the discipline.
How do we automate this?
Start with a policy. Automation follows the rule. You cannot automate a decision you haven't made.