Configure how long deleted patient and user records are retained before permanent removal. Learn about retention period settings and manual database cleanup procedures.
When patients or user accounts are deleted in Dermi Atlas Professional, the associated data is not immediately removed. Instead, deleted records are retained for a configurable period before permanent removal. This retention period provides a safety window for recovery and supports compliance requirements.
This article explains how to configure the retention period and how to manually remove expired records from the database when needed.
By default, deleted records are retained for 120 months (10 years) before becoming eligible for permanent removal. This default applies to:
The retention period can be adjusted through Dermi Atlas Manager.
The interface displays the retention period in both numeric months and human-readable format (for example, "2 years, 3 months").
When configuring or changing the retention period, be aware of the following behaviors:
When the retention period is changed, the new setting is applied retroactively to all existing deleted records. The expiration date for each record is recalculated based on when the record was originally deleted plus the new retention period.
Example: If a patient was deleted on January 1, 2026 with a retention period of 120 months, and the retention period is later reduced to 6 months, the expiration date for that record will be recalculated to July 1, 2026. If the new expiration date has already passed, the record will be permanently removed automatically.
To remove specific deleted records before their scheduled expiration without changing the global retention period, the database can be accessed directly. This is described in the Manual Database Cleanup section below.
When a patient or user is deleted, the system creates a record in a dedicated collection:
deletedPatients collectiondeletedUsers collectionlogging collectionEach record includes an expiresAt field that indicates when the record becomes eligible for permanent removal.
In some cases, you may need to remove deleted records before their scheduled expiration date. This can be accomplished by directly accessing the MongoDB database.
The MongoDB database runs inside Docker containers as a replica set. To access it:
docker exec -it mongo1 mongoshuse dermi-atlas-professionalTo remove all records that have passed their expiration date, run the following commands:
Remove expired deleted patient records:
db.deletedPatients.deleteMany({ expiresAt: { $lte: new Date() } })Remove expired deleted user records:
db.deletedUsers.deleteMany({ expiresAt: { $lte: new Date() } })Remove expired log entries:
db.logging.deleteMany({ expiresAt: { $lte: new Date() } })To remove specific records before their scheduled expiration, you can filter by additional criteria.
Remove a specific deleted patient by patient ID:
db.deletedPatients.deleteOne({ patientId: ObjectId("your-patient-id-here") })Remove all deleted records for a specific user (physician):
db.deletedPatients.deleteMany({ physicianId: ObjectId("your-user-id-here") })To view deleted records and their scheduled expiration dates:
List all deleted patients with expiration dates:
db.deletedPatients.find({}, { patientId: 1, deletedAt: 1, expiresAt: 1 }).sort({ expiresAt: 1 })Count records expiring within the next 30 days:
const thirtyDaysFromNow = new Date(Date.now() + 30 * 24 * 60 * 60 * 1000)
db.deletedPatients.countDocuments({ expiresAt: { $lte: thirtyDaysFromNow } })The retention period feature supports compliance with data protection regulations such as HIPAA and PIPEDA. Consider the following when setting your retention period:
Consult with your compliance officer or legal counsel to determine the appropriate retention period for your practice.
Your feedback helps us improve our documentation
Contact our support team for personalized help