Skip to main content
Version: 1.0.0
Date: 2026-01-16
Status: Planning
Reference: docs/migration/SUPABASE_PERFORMANCE_RECOMMENDATIONS.md

Executive Summary

This document outlines the data archival strategy for the Encore OS platform. The goal is to maintain database performance by archiving old data while ensuring compliance with healthcare data retention requirements.

1. Archival Candidates

1.1 Audit & Activity Logs

1.2 Workflow & Execution Logs

1.3 Notifications & Communications

1.4 Temporary & Session Data


2. Healthcare Compliance Requirements

2.1 HIPAA Requirements

  • Patient Records: Minimum 6 years from date of creation or last effective date
  • Audit Logs: Minimum 6 years (some states require longer)
  • Business Records: Generally 6-7 years

2.2 State-Specific Requirements

2.3 Compliance Rules

  1. Never archive PHI-containing records prematurely
  2. Maintain audit trail for archived data
  3. Ensure archived data is retrievable
  4. Document archival process for compliance audits

3. Archival Methods

Create parallel archive tables in a separate schema.
Advantages:
  • Data stays in same database
  • Easy to query archived data when needed
  • Simple implementation
Disadvantages:
  • Storage costs remain in database
  • May need to manage archive table growth

3.2 Method 2: External Storage (Future)

Export to external storage for long-term retention. Options:
  • AWS S3 / Glacier (cold storage)
  • Azure Blob Storage
  • Google Cloud Storage
Use When:
  • Archive data exceeds practical database size
  • Cost optimization is priority
  • Data is rarely accessed

3.3 Method 3: Hard Delete (Non-PHI Only)

For temporary data that doesn’t require retention.
Use Only For:
  • Session data
  • Temporary files
  • Debug/sandbox data
  • Non-business-critical logs

4. Implementation Plan

Phase 1: Infrastructure Setup

  1. Create archive schema
  2. Create archive tables for high-priority candidates
  3. Set up archive RLS policies (platform_admin only)
  4. Create archival functions

Phase 2: Archival Functions

Phase 3: Scheduled Archival

Options for scheduling:
  1. Supabase Edge Functions (cron trigger)
  2. External scheduler (n8n, Vercel cron)
  3. pg_cron extension (if available)
Recommended Schedule:
  • Weekly archival runs (low-traffic period)
  • Monthly summary reports
  • Quarterly compliance audits

Phase 4: Monitoring

  1. Track archive table sizes
  2. Monitor archival job success/failure
  3. Alert on failed archival runs
  4. Report on archived record counts

5. Table Size Assessment Query

Run this query to identify archival candidates by size:

6. Archival Verification Query

After archival, verify data integrity:

7. Risk Mitigation

7.1 Data Loss Prevention

  • Always archive before delete
  • Test archival process in staging first
  • Maintain backup before first production run
  • Verify record counts after each run

7.2 Compliance

  • Document archival dates for audit
  • Maintain chain of custody for PHI
  • Test data retrieval from archive
  • Regular compliance review

7.3 Performance

  • Run archival during low-traffic periods
  • Batch large archival operations
  • Monitor lock contention
  • Use transactions with appropriate isolation

8. Success Metrics


9. Next Steps

  1. Run table size assessment query
  2. Identify top 10 archival candidates by size
  3. Create archive schema and initial tables
  4. Implement archival functions
  5. Test in staging environment
  6. Schedule production archival
  7. Set up monitoring and alerting

10. References


Document Owner: Platform Team
Review Schedule: Quarterly
Last Updated: 2026-01-16