A data management process in a storage system comprises a two-step deletion process with a confirmation hold. Data identified in a service request for deletion is encrypted using a one-time use public key to render the data inaccessible to users and system processes. The data is decrypted using a corresponding private key and verified that the data corresponds to the data and is quarantined to prevent access by changing permissions. The quarantined data is further analyzed using a set of criteria that to determine whether access to the data by system users or process is still needed. If not, the data is permanently deleted by securely deleting the encryption and decryption keys.