Data Retention and Records Management Policy

# Data Retention and Records Management Policy

**Last updated:** 2026-03-04

## 1. Purpose
This policy defines retention, archival, deletion, and records handling controls for information processed in SocialDesk.

## 2. Principles
- Lawful and purpose-limited retention.
- Data minimization and storage limitation.
- Integrity, traceability, and secure disposal.

## 3. Record Categories
- Case and beneficiary records.
- Consent and disclaimer/version records.
- Audit logs and access logs.
- Documents, attachments, and exports.
- Security event and incident records.

## 4. Retention Schedules
Retention periods are defined by legal mandate, regulator guidance, and organizational policy. Schedules must be reviewed periodically and approved by compliance leadership.

## 5. Holds and Preservation
Deletion is suspended when records are under legal hold, active investigation, or audit requirement.

## 6. Secure Disposal
At end of lifecycle, records are deleted, anonymized, or archived with documented controls and auditable proof.

## 7. Access and Accountability
Only authorized users may modify retention settings. Changes must be logged with actor, timestamp, and reason.

## 8. Review Cadence
Retention schedules are reviewed at least annually, or sooner when legal requirements change.