By
•
Email Retention and Deletion Best Practices: Lessons from Real-World Case Studies
Email remains one of the most business-critical — and risk-laden — sources of information in modern organizations. For records management, legal, compliance, and IT teams, email sits at the intersection of regulatory obligation, legal exposure, storage cost, and operational efficiency.
Yet many organizations are still grappling with a familiar challenge: what should be retained, what should be deleted, and where should email live once those decisions are made?
These questions were the focus of Colligo’s recent webinar, Email Retention & Deletion – Best Practices + Case Studies, where industry experts explored how organizations are moving away from “keep everything” and toward a more defensible, lifecycle-based approach to email retention and deletion best practices.
Why Email Retention and Deletion Has Become a Priority
Across industries, pressure is mounting to get email under control. Several forces are driving this shift:
- Legal and regulatory risk: Retained emails are discoverable emails. The more you keep, the larger your potential exposure.
- Privacy and data protection laws: Regulations such as GDPR require organizations to dispose of personal data that no longer serves a legitimate business purpose.
- Operational inefficiency: Overloaded mailboxes slow Outlook, complicate search, and frustrate users.
- Storage constraints and cost: Many organizations are hitting mailbox limits and paying more to expand storage.
As a result, legal teams are increasingly mandating formal email deletion policies to reduce risk and exposure. Organizations that are navigating this shift may find it helpful to review Colligo’s guidance on reducing legal risk through a company email deletion policy.
Do Not Store Records in Outlook
One of the strongest messages from the webinar was clear: Outlook is not designed to function as a records repository.
When important emails are kept only in personal mailboxes, organizations face several challenges:
- Siloed information, locked in individual inboxes
- Poor retrievability, especially when employees leave or change roles
- Inconsistent retention, driven by individual user behavior
- A culture of hoarding, where everything is kept “just in case”
While in-place retention within Outlook may meet minimum compliance requirements, it does little to support collaboration, knowledge sharing, or long-term governance.
Retention vs. Deletion: Why You Need Both
Every organization is required to retain certain categories of email for defined periods, based on industry regulations, local laws, and internal compliance standards. At the same time, deletion is just as important as retention.
Holding onto unnecessary email increases legal risk, undermines privacy obligations, and inflates storage costs. This balance — retaining what matters while defensibly deleting what does not — is at the heart of modern email governance.
For a deeper look at how email fits into broader information management programs, see Colligo’s article on email retention as a key aspect of information management.
From “Keep Everything” to Modern Email Lifecycle Management
Many organizations historically followed a “keep everything” mindset. Storage was cheap, and deletion felt risky.
Today, that approach is giving way to email lifecycle management — actively managing email from creation, through retention, and ultimately to disposal.
A key insight from the webinar is that not all email has equal value:
- The majority of email — often 80–85% — is ROT (redundant, obsolete, or trivial).
- A much smaller percentage contains high-value content that qualifies as a record or has long-term business significance.
Effective email retention and deletion strategies focus on identifying and protecting that high-value content early, while allowing low-value email to be disposed of on a defined schedule.
In-Place Retention vs. Right-Place Retention
Many organizations rely on in-place retention, preserving emails in the mailbox where they were sent or received. While simple to implement, this approach introduces several long-term challenges, including poor accessibility, duplication, and limited governance.
An alternative discussed in depth during the webinar is right-place retention.
What Is Right-Place Retention?
Right-place retention treats the mailbox as temporary, transitory storage, while high-value emails and attachments are moved to a shared, structured repository such as SharePoint.
In this model:
- Mailboxes hold email temporarily
- SharePoint becomes the long-term system of record
- Retention and deletion rules are applied where access, metadata, and lifecycle controls are stronger
This approach supports compliance while also improving collaboration, knowledge management, and search.
Best Practices for Email Retention and Deletion
Drawing from the webinar discussion, several best practices consistently emerged:
1. Clearly Define What Must Be Retained
Work with legal, compliance, and records teams to define which categories of email must be retained and for how long.
2. Move Records Out of Personal Mailboxes
High-value emails should be stored in shared repositories where access is controlled and retention is enforced consistently.
3. Automate Deletion of Aged Mailbox Content
Once records are protected elsewhere, mailbox deletion policies can safely remove aged content — whether after 30 days, one year, or longer.
4. Use Retention Policies and Labels Strategically
Tools like Microsoft Purview allow organizations to combine broad retention policies with more granular retention labels for exceptions.
Read more about how Microsoft Purview and Colligo work together.
5. Train Users and Plan Ahead
Successful programs give users time, training, and clear guidance before deletion policies go live.
Case Studies: Email Retention and Deletion in Practice
Large U.S. Energy Company
A large energy organization with more than 10,000 employees needed to implement a mailbox deletion policy with a fixed go-live date. Many staff had decades of email history containing critical regulatory and project records.
By giving employees time and tools to move high-value emails into SharePoint before deletion began, the organization successfully migrated hundreds of thousands of important emails into a governed repository — something that would have been nearly impossible without proper planning.
Pharmaceutical Company with Tight Timelines
In another case, a pharmaceutical company faced a very short timeline to implement an aggressive deletion policy.
Despite the compressed schedule, employees were able to quickly move critical email records into SharePoint, capture rich metadata, and reduce risk without disrupting business operations.
In both cases, legal and compliance pressure was the catalyst — but success depended on providing users with a practical way to comply.
How Colligo Supports Email Retention and Deletion Best Practices
Colligo helps organizations put these best practices into action by bridging Outlook and SharePoint.
With Colligo, users can:
- Easily move or copy high-value emails and attachments from Outlook into SharePoint
- Automatically capture metadata to support governance and search
- Preserve entire email conversations
- Use both interactive and automated filing options
By enabling right-place retention, Colligo allows organizations to reduce mailbox clutter, enforce consistent retention and deletion policies, improve collaboration, and lower legal risk — all without disrupting how people work in Outlook.
Frequently Asked Questions
Email retention focuses on keeping required email records for a defined period to meet legal, regulatory, or business requirements. Email deletion focuses on defensibly disposing of non-record or expired email to reduce risk, storage costs, and privacy exposure. Effective email governance requires both.
Outlook is designed for communication, not long-term records storage. Best practice is to move high-value email records out of personal mailboxes into a shared repository such as SharePoint, where access, metadata, and retention can be managed consistently.
Yes. Once required email records have been captured and retained in an appropriate system of record, organizations can defensibly delete non-record and aged email from Outlook in accordance with their deletion policies.
Retention periods vary by industry, jurisdiction, and document type. Legal, compliance, and records teams should define retention schedules based on regulatory requirements and business needs, rather than applying a one-size-fits-all timeframe.
Key Takeaways for Records, Legal, Compliance, and IT Teams
- Email retention and deletion must be addressed together
- Outlook alone is not sufficient for long-term records storage
- Successful programs combine policy, technology, and user enablement
- Starting early makes implementation far smoother
Want to see these best practices in action?
Watch the Email Retention & Deletion – Best Practices + Case Studies webinar to hear real-world examples and practical guidance from records, legal, compliance, and IT perspectives.
Or, get in touch with us to see a demo or request a free trial or ask further questions.