Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt

Use this file to discover all available pages before exploring further.

Feature ID: PF-46
Status: ✅ Complete
Spec: PF-46-data-retention-lifecycle.md
Last Updated: 2026-03-04

Overview

PF-46 implements platform-wide data retention policies, automated archival and deletion, and legal holds. It consumes PF-04 (Audit Logging) for lifecycle event audit trail and PF-11 (Document Management / Supabase Storage) for cold storage of archived data. Scheduled jobs (pg_cron) invoke the process-data-retention edge function for archive and delete actions.

Integration Points (from Spec)

DependencyPatternPurpose
PF-04 (Audit Logging)AuditRetention policy changes and lifecycle events are audited; lifecycle events table pf_data_lifecycle_events provides audit trail with human-readable reasons in custom_fields
PF-11 (Document Management)Platform / StorageArchival moves data to cold storage (Supabase Storage); verify bucket server-side encryption for archived PHI

Platform Integration Layer Usage

  • PF-11 (Documents / Storage): Archival writes entity-specific content to Supabase Storage buckets (cold storage). Implementation MUST use server-side encryption for buckets holding archived PHI. No direct dependency on PF-11 application APIs beyond Storage API.
  • PF-04 (Audit): Lifecycle events are recorded in pf_data_lifecycle_events; policy changes and hold placement/removal are audited per existing PF-04 patterns. No event publish required; table is the audit record.

Scheduled Processing

  • Job: pf-data-archival — Schedule: 0 0 * * * (daily midnight UTC). Invokes process-data-retention with action: "archive".
  • Job: pf-data-deletion — Schedule: 0 1 * * * (daily 1 AM UTC). Invokes process-data-retention with action: "delete".
  • Edge Function: process-data-retention — MUST read service role key from environment; MUST query pf_legal_holds before any deletion and skip records under active hold. Uses _shared/cors.ts, _shared/logger.ts, _shared/supabase.ts (or requireEnv + createClient from npm:@supabase/supabase-js@2).

API / Event Contracts

  • No public API. Edge function is invoked only by pg_cron (internal). No event contracts published by PF-46; consumers of retention status use direct query of pf_retention_policies, pf_legal_holds, and pf_data_lifecycle_events via RLS.