Why not keep everything (electronic) forever?

Posted by

FWIW, iIn Canada there is a retention limit in the Personal Information Protection and Electronic Documents Act which states:
Personal information shall be retained only as long as necessary for the fulfilment of [the purposes for which it was collected].

HEB Manitoba

Yeah, I hate that PIPEDA clause ;). It’s the RM equivalent of “how long is a piece of string”. Gold standard example of meaningless drivel cemented into law….



I dunno, why not?
Even digital “stuff” comes with responsibility for someone to clean up. At some point the “collection” becomes a serious liability that affects far more than just the collectors.

I moved my posting to top of thread. Not sure how to delete this response. Sorry for confusion 20190515 Webinar Post

One word: ENRON Hopefully, you don’t need an electronic “destruction” cycle because you are cheating in business. But, retaining old e-documents beyond their deletion date is a waste of resources and a potential legal hazard.


I manage contract files. Risk management is an issue with keeping files forever. As long as we have them, we can be sued.

Happy GDPR day – which goes into effect today and also requires that you get rid of PII when you’re done with it. Hefty fines if you mess up.


There are some great responses in this thread. Thank you. I will be using some of them in my arguments. I especially like the comments about only having to pay for credit protection for 1 million customers versus 5 million as well as the comment about disaster recovery. These are valid answers.

So what can we do?

In my opinion, retention policies must be clear.

For example, for PII, destroy all personal information within 30 days after “the fulfilment of [the purposes for which it was collected]” ….

Not putting a time limit in a retention policy that contains PII creates an opportunity for new uses to emerge and for a lawyer to argue “we did say on page 17 on line 45 in 6 point font that we may need to share with a 3rd party for blah blah blah reason or something to that effect”

Same with transitory records, the policy must be clear. Destroy all transitory records after 1 year of creation date, or a longer period if your official records are retained longer.

A transitory retention policy that says “keep for as long as you need to and then destroy” creates confusion among users who will simply default to “well, I think I might have a reason a few years from now”

There is good news

With almost all Enterprise Content Management platforms offering retention functionality it is a lot easier now than it was 5 years ago to build solutions to simplify the management of lifecycle management principles. The more recent versions of SharePoint and Box for Enterprise are two good examples, even with out-of-the-box configurations. OpenText Content Server is another great product that is easily configured and has been for a long time.

But for any good information governance program….

Senior management must be on board and be willing to lead by example. Too many leaders say yes we need this but then want exceptions and/or are not will to follow through with support.

Mark Grysiuk Records and Information Management Consulting

Yeah, I hate that PIPEDA clause ;). It’s the RM equivalent of “how long is a piece of string”. Gold standard example of meaningless drivel cemented into law….


I loved that question got so much traction!

Its funny that you posted this,right as I was publishing a blog on this very thing: Specifically, because the generation of information and records is faster than it has ever been! Forever is not a practical option in this environment!

The Importance Of A Retention Schedule
Linkedin remove preview

The Importance Of A Retention Schedule
So many businesses have a “we keep everything forever” policy. This isn’t sustainable or practical in a digital world. The impact of automated data

Deau Information Services Company, Inc.

Yes, it’s interesting that so many responses were received!
Looking back over the thread once more, I still think we captured the reasons for not keeping everything forever as:
-hard cost (financial)
-soft costs (staff time to retrieve, maintenance of private storage, undermining confidence in organizational systems)
-risk (legal risk from being sued, and reputational risk from breaches)
-compliance requirements (specific to an industry, from national law or regulations, or general/cross-cutting compliance requirements like GDPR).

Among these factors, it is the hard cost that I actually still feel I don’t fully understand: are there numbers available for HOW MUCH the cost of storage increases with, say, each additional gigabyte of content?

Clearly, the answer is NOT computed based on the costs of hard disk space; since we are discussing enterprise storage, there are also IT costs for time to configure storage and integrate it into organizational repositories, set up backup, and so forth. These may be simplified by using cloud storage, but I’m assuming these are still more than just additional hard disk space.


Hi Eric –
Plenty of information exists regarding cost trends for managed storage. I won’t repeat that here.

The key point is that information theory requires that storage costs cannot be zero. Prices can be, but that’s called marketing!

As long as storage costs are above zero, and the value of the information being stored is zero (or less than zero in the case of items that have no business value and could contain legal liabilities), it makes sense to dispose of information when it’s legally permissible to do so.

Unless someone is actually paying you to store your stuff, and indemnifying you against any legal risks associated with storage of outdated content, then an economic and legal motivation to disposition content that is legally eligible exists.

There are some great videos of hoarders in their houses on YouTube. Perhaps those could be useful in helping to motivate your users to let go of the old.

Good luck!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.