Hard delete after review period

Severity: Recommended

After the review period, there should be a way to actually purge soft-deleted records. This shouldn't happen automatically without review, but the capability must exist.

Check automatically:

1. Look for hard delete capability:

# Permanent delete methods
grep -rE "hardDelete|permanentDelete|forceDelete|purge|destroy.*force" --include="*.ts" src/ 2>/dev/null

# Raw DELETE statements (intentional purge)
grep -rE "DELETE FROM" --include="*.ts" --include="*.sql" scripts/ 2>/dev/null

# ORM force delete
grep -rE "\.destroy\(.*force|\.delete\(.*force|softRemove.*false" --include="*.ts" src/ 2>/dev/null

2. Check retention period configuration:

# How long before soft-deleted data is purged
grep -rE "retention.*period|RETENTION_DAYS|DELETE_AFTER_DAYS|purge.*days" --include="*.ts" --include="*.env*" --include="*.yml" 2>/dev/null

3. Look for purge scripts or jobs:

# Purge/cleanup scripts
find . -type f \( -name "*purge*" -o -name "*cleanup*" -o -name "*retention*" \) 2>/dev/null

# Scheduled purge jobs
grep -rE "purge|cleanup.*deleted|remove.*old" --include="*.ts" src/jobs/ src/workers/ src/cron/ 2>/dev/null

4. Check for audit logging of purges:

# Logging what was deleted
grep -rE "log.*purge|log.*delete|audit.*purge" --include="*.ts" src/ 2>/dev/null

Cross-reference with:

• RET-003 (review must happen before purge)
• RET-005 (legal holds override purge)

Pass criteria:

• Hard delete mechanism exists (script, job, or admin action)
• Retention period defined (e.g., "purge after 90 days soft-deleted")
• Purge is auditable (logs what was deleted, when, by whom)
• Purge is gated (not fully automatic - requires review or approval)

Fail criteria:

• No way to actually delete data (storage grows forever)
• Automatic purge without review step
• No defined retention period
• Purges not logged/auditable

Evidence to capture:

• Hard delete mechanism location
• Retention period configuration
• Audit/logging for purge operations
• Approval/gating mechanism (if any)

---