Data privacy continues to be a significant concern to both businesses and their customers and clients. High capacity databases may contain vast amounts of personal and commercial confidential data that, if accessed successfully by a person not authorized to do so, may result in substantial personal and corporate financial losses of those associated with that data. Accordingly, to reduce the risk of such losses, most computer system applications that store and access records via a database may implement a records retention policy by which data for which there is no longer a compelling business purpose to retain are deleted. Aside from its data privacy benefits, such a data retention policy is also likely to facilitate more efficient use of data storage in the database, as data that is no longer important for some business or personal purpose may be removed to allow new, more pertinent data to be stored in the database.
Generally, each application that accesses a particular database is responsible for the creation, access, and ultimate deletion of its data. Consequently, the application is responsible for determining whether and, if so, when each item of data should be deleted, and for actually deleting one or more of the data items based on that determination.
In some implementations, an application may organize its data items as a plurality of business data objects, with each business data object further including a plurality of database records, such as, for example, separate rows of one or more database tables. To implement a database records retention policy that successfully deletes data regarding particular clients, customers, employees, products, and the like, at least some applications are capable of determining if and when each individual database record should be deleted.