Version 2
This documentation is for version 2 of the DRM, released in Standardised Site iCM4j 17.0.1239 and Standardised Site iCM.NET 14.0.0 (March 2024). It has the ability to delete process instance data, distinguish between sealed/unsealed histories, and set the retention period based on open/last modified date. For version 1 see Data Retention Manager (version 1)
The Data Retention Manager (DRM) lets you set up schedules that will delete data saved using the platform's History Service and data that remains in the workflow engine once a process instance has ended.
Histories are, by default, created whenever a user starts a workflow process on your site. Histories can also be written by individual form submissions.
You can set up bespoke schedules for each type of history, or save "global" schedules that can be reused and applied to multiple histories. Each schedule has a retention period that can target all histories of a certain type, or just those with specific "labelc" values. A background task (a scheduled End Point) runs each night, checks your schedules, and deletes any data that falls outside of your retention periods.
The DRM has been designed to be used via an iCM Form App shortcut so that it can be secured to an appropriate iCM administrator group of users. It also integrates with the My Account template, allowing your site users to see records of the data they have created and delete the corresponding history.
Assumptions
The standard DRM assumes that the histories saved in the iCM database follow our standard conventions for labels and subject data, described in the History Conventions knowledge base article. When creating schedules our "labelc" policies (notes, attachments, reporting etc) can be found in the Labelc Histories and Reporting Data article.
What Happens to the Data?
History records that have DRM policies applied to them are deleted. When a history record is deleted, any history digests that include the data are automatically updated (this is a standard feature of the history service).
When you set up DRM schedules you can optionally choose to delete the data of terminated process instances too.
Once data has been deleted it cannot be recovered.
The DRM keeps an audit log of what has been deleted.
Other Data Stores
The default DRM behaviour deletes data from the platform's history service and workflow engine. It does not delete form data stored as iCM objects (accessible via the Form Data Browser).
Custom deletion plugins (for example for Case Management) may behave differently and are documented separately.