The objectives of a data retention policy are to keep important information for future use or reference, to organize information so it can be searched and accessed at a later date and to dispose of information that is no longer needed.
A data retention policy must consider both the value of data over time and regulations data may be subject to. In 2006 the U.S. Supreme Court recognizing that it is not financially possible to retain all information indefinitely. However, organizations must be able to demonstrate that they delete data that is not subject to specific regulatory requirements based on a repeatable and predictable process. This means that different types of information are held for different lengths of time. For example, a hospital's retention period for employee email would be different than that of its patient records.