Get started with retention policies and retention labels
Ready to start governing your organization's data by retaining the content that you need to keep, and deleting the content that you don't? Use the following high-level guidance to get started:
Understand how retention works in Microsoft 365, and then identify whether you need to use retention policies or retention labels, or a combination: Learn about retention
Identify the retention settings and actions that are required by your organization policies or industry regulations.
As part of this assessment, determine whether you will use records management.
Create retention policies and retention labels, based on the retention settings and actions that you identified.
For retention labels, you might find it useful to use file plan to define and refine your retention labels in a spreadsheet. Then, import that spreadsheet to create your labels.
Publish and apply your retention labels. While retention policies are designed for "set it and forget it" configuration, retention labels are reusable building blocks that can be used in multiple policies and can be incorporated into user workflows. See the list of common scenarios to help you identify how retention labels can be used.
Subscription and licensing requirements for retention policies and retention labels
A number of different subscriptions support retention policies and retention labels and the licensing requirements for users depend on the features you use.
To see the options for licensing your users to benefit from Microsoft 365 compliance features, see the Microsoft 365 licensing guidance for security & compliance. For retention, see the Information Governance section and related PDF or Excel download for feature-level licensing requirements.
Permissions required to create and manage retention policies and retention labels
Members of your compliance team who will create and manage retention policies and retention labels need permissions to the Microsoft 365 compliance center. By default, the tenant admin (global administrator) has access to this location and can give compliance officers and other people access without giving them all the permissions of a tenant admin. To grant permissions for this limited administration, we recommend that you add users to the Compliance Administrator admin role group.
Alternatively to using this default role, you can create a new role group and add the Retention Management role to this group. For a read-only role, use View-Only Retention Management.
For more information about role groups and roles, see Permissions in the Security & Compliance Center.
For instructions to add users to role groups and assign roles, see Give users access to the Security & Compliance Center.
These permissions are required only to create, configure, and apply retention policies and retention labels. The person configuring these policies and labels doesn't require access to the content.
Common scenarios for retention policies and retention labels
Use the following table to help you map your business requirements to retention scenarios supported by retention policies and retention labels.
|I want to ...||Documentation|
|Efficiently set retain and delete actions by Microsoft 365 service:
- Microsoft 365 Groups
- Skype for Business
- Microsoft Teams
- Yammer network
|Create and configure retention policies|
|Let admins and users manually apply retain and delete actions for documents and emails:
- Outlook and Outlook on the web
|Create retention labels and apply them in apps|
|Let site admins set default retain and delete actions for all content in a SharePoint library, folder, or document set||Create retention labels and apply them in apps|
|Let users automatically apply retain and delete actions to emails by using Outlook rules||Create retention labels and apply them in apps|
|Let admins apply retain and delete actions to a document understanding model, so that these are automatically applied to identified documents in a SharePoint library||Create retention labels and apply them in apps|
|Automatically apply retain and delete actions to documents and emails||Apply a retention label to content automatically|
|Start the retention period when an event occurs, such as:
- Employees leave the organization
- Contracts expire
- End of product lifetime
|Start retention when an event occurs|
|Restrict changes to policies to help meet regulatory requirements or safeguard against rogue administrators||Use Preservation Lock to restrict changes to retention policies and retention label policies|
|Make sure somebody reviews and approves before content is deleted at the end of its retention period||Disposition reviews|
|Monitor how and where retain and delete settings are applied to items||Monitoring retention labels|
|Use a single records management solution for documents and emails||Learn about records management|
If you use retention labels for records management, there are additional scenarios that are unique to retention labels that mark content as a record. See Common scenarios for records management.
End-user documentation for retention
Most retention policies work unobtrusively in the background without user interaction, and so need little documentation for users. Retention policies for Teams inform users when their messages have been deleted with a link to Teams messages about retention policies.
Because retention labels have a UI presence in Microsoft 365 apps, make sure you provide guidance for end users and your help desk before you deploy these labels to your production network.
The most effective end-user documentation will be customized guidance and instructions you provide for the retention label names and configurations you choose. See the following blog post for a download package that you can use to train users and drive adoption: End User Training for Retention Labels in M365 – How to Accelerate Your Adoption.
You will also find basic user instructions in the follow section: Manually apply retention labels.