We audit select data using before and after writes for adds,updates, and deletes. For some tables we also have deny update and deny deletes in place. In certain sensitive data situations we log the daylights out of the transactions and retain the logs for some time as part of the history chain of custody of the transaction.

The audit data is kept for a variable length of time, but most kept for a long time. The audit data is backed up with the transactional data as well.