Features & Usage
Configuring Data Retention for Deleted Records
Configure how long deleted patient, entry, and user records are retained before permanent removal. Learn about deletion policies, recovery, retention period settings, and database cleanup procedures.
Updated April 7, 2026
7 min read
Overview
When patients, entries, or images are deleted in Dermi Atlas Professional, the behavior depends on the Data Deletion Policy configured in Dermi Atlas Manager. For the Recoverable and Standard deletion policies, deleted records are retained for a configurable period before permanent removal, providing a safety window for recovery. For the Permanent deletion policy, all data is permanently removed immediately. Account deletion is handled separately and is always permanent, as described in the Account Deletion section below.
This article explains the deletion levels, how to recover deleted records, how to configure the retention period, and how expired records are cleaned up.
Deletion Policy Options
The Data Deletion Policy determines how patient data, entries, and images are handled when deleted. The deletion policy is configured in Dermi Atlas Manager under Preferences and applies to all deletion operations performed within Dermi Atlas Professional.
Recoverable
Retains all data, stored files, and activity logs for the configured retention period. Deleted patients, entries, and images can be fully recovered from within Dermi Atlas Professional during this window. This policy is recommended for practices with regulatory compliance requirements, as it preserves a complete audit trail alongside the deleted data.
Standard (Default)
Retains deleted data and stored files for the configured retention period. Activity logs associated with deleted items are removed at the time of deletion, while a single deletion event is logged. Deleted patients, entries, and images can still be recovered. This is the default deletion policy.
Permanent
Immediately and permanently removes all data, stored files, and activity logs. Deleted items cannot be recovered. This policy is appropriate when permanent, irrecoverable deletion is required.
Recovering Deleted Records
When the Recoverable or Standard deletion policy is used, deleted records can be recovered from within Dermi Atlas Professional before the retention period expires.
Patient Recovery
Deleted patients can be recovered from the Deleted Records page, accessible from the sidebar in Dermi Atlas Professional. Each deleted patient displays the deletion date and a countdown to permanent removal. Recovery requires typing a confirmation phrase.
Illustrative demo with synthetic data. Learn more
When a patient is recovered, all entries and images that were deleted as part of that patient deletion (cascade-deleted) are also restored. Entries or images that were individually deleted before the patient deletion retain their deleted status and must be recovered separately.
If a new patient has been created with the same unique identifier as a deleted patient, recovery of the deleted patient is blocked until the conflict is resolved.
Entry and Image Recovery
Individually deleted entries and images can be recovered from the Deleted Items drawer on the patient detail page. Recovery is available only while the parent patient is active (not deleted). Each item displays its retention countdown.
Illustrative demo with synthetic data. Learn more
Account Deletion
Account deletion always performs a full permanent deletion of all patient data, regardless of the configured Data Deletion Policy. All patient records, entries, images, stored image files, and activity logs belonging to the account are permanently removed. Previously soft-deleted records belonging to that account are also permanently removed.
There is no software mechanism within Dermi Atlas Professional to recover a deleted account or its data. As the data controller, the practice is responsible for maintaining system backups via Dermi Atlas Manager. Restoring from a full system backup is the only recovery path after an account deletion.
Default Retention Period
By default, deleted records are retained for 120 months (10 years) before becoming eligible for permanent removal. This default applies to:
- Deleted patient records
- Deleted entries and images
- Deleted user accounts
- Associated activity logs
Configuring the Retention Period
The retention period can be adjusted through Dermi Atlas Manager.
Accessing Retention Settings
- Open Dermi Atlas Manager on the host computer.
- Navigate to the Preferences page.
- Locate the Data Retention Period section.
Setting the Retention Period
- Enter the desired retention period in months.
- The valid range is 1 to 600 months (1 month to 50 years).
- Click Save to apply the changes.
The interface displays the retention period in both numeric months and human-readable format (for example, "2 years, 3 months").
Important Considerations
When configuring or changing the retention period, be aware of the following behaviors:
How Retention Period Changes Are Applied
When the retention period is changed, the new setting is applied retroactively to all existing deleted records. The expiration date for each record is recalculated based on when the record was originally deleted plus the new retention period.
Example: If a patient was deleted on January 1, 2026 with a retention period of 120 months, and the retention period is later reduced to 6 months, the expiration date for that record will be recalculated to July 1, 2026. If the new expiration date has already passed, the record will be permanently removed automatically.
Reducing the Retention Period
When the retention period is reduced, Dermi Atlas Manager requires a confirmation before saving the change. This is because reducing the retention period may cause existing soft-deleted records to expire immediately if their recalculated expiration date has already passed, making those records permanently unrecoverable.
Targeted Record Removal
To remove specific deleted records before their scheduled expiration without changing the global retention period, the database can be accessed directly. This is described in the Manual Database Cleanup section below.
How Deleted Records Are Stored
When the Recoverable or Standard deletion policy is used, records are not removed from the database. Instead, a deletion marker is applied to each affected document containing the deletion timestamp, the user who performed the deletion, whether the deletion was individual or part of a parent deletion (cascaded), and the calculated expiration date.
In addition to the deletion markers on patient, entry, and image documents, the system maintains dedicated tracking collections:
- Deleted patients are tracked in the
deletedPatientscollection - Deleted users are tracked in the
deletedUserscollection - Associated logs are marked with an expiration date in the
loggingcollection
Each record includes an expiresAt field that indicates when the record becomes eligible for permanent removal.
Stored image files are retained for Recoverable and Standard deletion policies, ensuring that images can be restored if the patient, entry, or image is recovered. Image files are only permanently removed when the Permanent deletion policy is used or when automated cleanup processes the expired records.
Automated Cleanup
Expired soft-deleted records are automatically removed by a cleanup process that runs daily as part of the Dermi Atlas Professional deployment. This process identifies patients, entries, and images that have passed their expiration date, removes the associated stored image files, and then permanently deletes the database records.
The automated cleanup is included in the standard Dermi Atlas Professional installation and requires no manual configuration. It operates independently and is safe to run alongside normal system operations.
Manual Database Cleanup
Automated daily cleanup handles the removal of expired records. In some cases, specific deleted records may need to be removed before their scheduled expiration date. This can be accomplished by directly accessing the MongoDB database.
Prerequisites
- Access to the MongoDB database (typically via MongoDB Shell or a database management tool)
- Administrative privileges on the database
- Understanding of the implications of permanent data removal
Connecting to the Database
The MongoDB database runs inside Docker containers as a replica set. To access it:
- Ensure Dermi Atlas Professional is running.
- Open a terminal on the host computer.
- Connect to the MongoDB container:
docker exec -it mongo1 mongosh- Authenticate and select the Atlas database:
use dermi-atlas-professionalRemoving Expired Records
To remove all records that have passed their expiration date, run the following commands:
Remove expired deleted patient records:
db.deletedPatients.deleteMany({ expiresAt: { $lte: new Date() } })Remove expired deleted user records:
db.deletedUsers.deleteMany({ expiresAt: { $lte: new Date() } })Remove expired log entries:
db.logging.deleteMany({ expiresAt: { $lte: new Date() } })Removing Specific Records Before Expiration
To remove specific records before their scheduled expiration, you can filter by additional criteria.
Remove a specific deleted patient by patient ID:
db.deletedPatients.deleteOne({ patientId: ObjectId("your-patient-id-here") })Remove all deleted records for a specific user (physician):
db.deletedPatients.deleteMany({ physicianId: ObjectId("your-user-id-here") })Viewing Pending Deleted Records
To view deleted records and their scheduled expiration dates:
List all deleted patients with expiration dates:
db.deletedPatients.find({}, { patientId: 1, deletedAt: 1, expiresAt: 1 }).sort({ expiresAt: 1 })Count records expiring within the next 30 days:
const thirtyDaysFromNow = new Date(Date.now() + 30 * 24 * 60 * 60 * 1000)
db.deletedPatients.countDocuments({ expiresAt: { $lte: thirtyDaysFromNow } })Data Retention and Compliance
The retention period feature supports compliance with data protection regulations such as HIPAA and PIPEDA. Consider the following when setting your retention period:
- Regulatory requirements may mandate minimum retention periods for medical records
- Practice policies may require specific retention durations
- Storage capacity should be considered for long retention periods
Consult with your compliance officer or legal counsel to determine the appropriate retention period for your practice.
Related Resources
- Audit Logging Configuration for understanding the audit trail and deletion logging
- Managing Patients for patient record creation and management
Was this article helpful?
Your feedback helps us improve our documentation
Still have questions?
Contact our support team for personalized help
Synthetic Data Notice
All demonstrations, screenshots, and media on this page use synthetic data only. No real patient information is shown.
The following are synthetic and do not correspond to real patients:
- All human faces and individuals are synthetic and do not represent real people
- All clinical and medical images, including photographs and scans, are synthetic or simulated
- All patient names, dates, identifiers, and other details are fictional
- All clinical notes and documentation are sample content for demonstration only
Media is provided solely to illustrate platform functionality and workflows.