It seems like every few months, a new regulation or mandate pops up to remind people to 1) keep their data longer and/or 2) delete it as soon as necessary. Those two edicts are not contrary to each other as long as you do them in that sequence; first, understand your retention requirements and then delete data beyond that retention date. But there is sooooo much more to it than that, since not all data has the same regulatory or operational retention benefits or requirements.
If you haven’t seen it already, please check out my earlier vBlog on “The Good, Better, Best of Data Management”