Records Retention Policy

Not sure how long different teams in your company retain sensitive personal data? Is it possible you have legacy systems collecting dust but kept around “just in case?”


In our experience, most clients answer “forever” and “yes,” to those questions, even when they have a Records Retention Policy.

Implementing or updating Records Retention Policies has become a priority in response to privacy regulations including the GDPR, the CCPA, and California’s new CPRA. Data Minimization is core to these regulations, which carry potential regulatory fines and penalties for breaches that can make it very expensive to keep unneeded data.

As part of our Record Retention Policy development service, DPSA will assist your organization in:

  • Understanding what records to keep
  • Identifying appropriate retention periods for different company records
  • Setting realistic standards for when and how to securely destroy data

We offer a broad range of services that can be customized to your needs.

Contact Us Today and we can start you on a path to regulatory compliance.