Why this matters
HIPAA requires policies for retention and disposal; automated purges reduce residual risk.
Changes that create new ePHI stores must also include retention configuration and a scheduled purge job aligned to policy (e.g., 6 years). Document tables/collections covered and add tests for TTL behavior.
HIPAA requires policies for retention and disposal; automated purges reduce residual risk.
Side-by-side examples engineers can pattern-match during review.
PR: adds table phi_lab_results with no TTL or purge planPR: adds phi_lab_results + retention.yaml (ttl: 6y) + purge_job cron + tests verifying deletion of expired rowsCREATE TABLE phi_events (...); -- no ttlretention.yaml: { table: phi_events, ttl: 6y }
cron: purge_phi_events @dailyFrom the same buckets as this rule.
Before persisting ePHI, encrypt using a data key protected by a Key Management Service (KMS). Use authenticated encryption (AES-256-GCM or equivalent), rotate keys, and store the key id and algorithm with the record.