How do you handle employees leaving?

I think data retention policies will vary based on the organization. Currently our process begins when a manager or HR informs someone in IT that an employee is gone. Whoever receives the notice creates a ticket which notifies the people in charge of 3rd-party sites to disable access, and then disables the AD account. At that point I have PowerShell do the rest:

  1. Each night, all accounts that are under the OU structure for active employees and are disabled have a timestamp value added and are moved to a "disabled" OU.
  2. Each account in the disabled OU has the timestamp checked to see if they've been disabled 30 days. If so, email is exported to a PST, home directory is compressed to a zip, etc. and the data is moved to archive storage. The account is then moved to a "deleted" OU.
  3. Each account in the deleted OU has the timestamp checked to see if they've been "deleted" 90 days. If so all data for the user is deleted from the archive and the account is finally removed. (I have a CSV file of any litigation hold accounts that I retain indefinitely until legal says I can remove it that the script also checks against)
  4. The script generates a report of all actions performed, as well as any accounts scheduled for final deletion within the next week, and emails it to myself, my boss, and HR.

I'm only required to store data for termed employees for 30 days, but the extra 90 day window saves me from occasionally restoring something from backup. The report email is also handy. I only care that the process completed, but it also puts responsibility in HR's court for something like someone accidentally getting deleted while on maternity leave or something.

/r/sysadmin Thread
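The four nightly steps described in the post, as an added example script (this is not the poster's script and is not from the thread). Everything specific is an assumption: the OU distinguished names, using extensionAttribute1 to hold the timestamp, the archive share path, an on-prem Exchange session providing New-MailboxExportRequest, an SMTP relay for Send-MailMessage, a SamAccountName column in the litigation-hold CSV, and that the 90-day purge clock is re-stamped when an account enters the "deleted" OU.

```powershell
# Added example, not the poster's code. Run with -WhatIf first; every
# write goes through ShouldProcess so the dry run logs what would happen.
#Requires -Modules ActiveDirectory
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$ActiveOU    = 'OU=Employees,DC=corp,DC=example',      # assumed DN
    [string]$DisabledOU  = 'OU=Disabled,OU=Offboarding,DC=corp,DC=example',
    [string]$DeletedOU   = 'OU=Deleted,OU=Offboarding,DC=corp,DC=example',
    [string]$ArchiveRoot = '\\fileserver\archive$',                 # assumed share
    [string]$HoldCsv     = 'C:\Offboarding\litigation-hold.csv',    # assumed path/column
    [int]$ArchiveAfterDays = 30,
    [int]$PurgeAfterDays   = 90,
    [string[]]$ReportTo  = @('me@example.com', 'boss@example.com', 'hr@example.com')
)

$now = Get-Date
$log = [System.Collections.Generic.List[string]]::new()
function Write-Action([string]$Msg) { $log.Add("$($now.ToString('s')) $Msg") }

# Legal hold list: any SamAccountName in here is never purged, whatever its age.
$hold = @()
if (Test-Path $HoldCsv) { $hold = @((Import-Csv $HoldCsv).SamAccountName) }

# Age in whole days since the ISO 8601 stamp in extensionAttribute1 (assumed attribute).
# No stamp means "never ages out", so an untouched account cannot be deleted by accident.
function Get-StampAge($User) {
    if (-not $User.extensionAttribute1) { return $null }
    $stamp = [datetime]::Parse($User.extensionAttribute1, [cultureinfo]::InvariantCulture)
    return ($now - $stamp).Days
}

# Step 1: disabled accounts still under the active-employee OU get stamped and moved.
Get-ADUser -SearchBase $ActiveOU -Filter 'Enabled -eq $false' -Properties extensionAttribute1 |
  ForEach-Object {
    if ($PSCmdlet.ShouldProcess($_.SamAccountName, 'Stamp and move to Disabled OU')) {
        Set-ADUser $_ -Replace @{ extensionAttribute1 = $now.ToString('o') }
        Move-ADObject $_ -TargetPath $DisabledOU
        Write-Action "DISABLED  $($_.SamAccountName)"
    }
  }

# Step 2: after 30 days, export mail, zip the home directory, re-stamp, move to Deleted OU.
Get-ADUser -SearchBase $DisabledOU -Filter * -Properties extensionAttribute1, HomeDirectory |
  Where-Object { (Get-StampAge $_) -ge $ArchiveAfterDays } |
  ForEach-Object {
    $sam = $_.SamAccountName
    if ($PSCmdlet.ShouldProcess($sam, 'Archive data and move to Deleted OU')) {
        $dest = Join-Path $ArchiveRoot $sam
        New-Item -ItemType Directory -Path $dest -Force | Out-Null
        # Assumes an Exchange on-prem remoting session; the PST lands on the archive share.
        New-MailboxExportRequest -Mailbox $sam -FilePath "$dest\$sam.pst" | Out-Null
        if ($_.HomeDirectory -and (Test-Path $_.HomeDirectory)) {
            Compress-Archive -Path $_.HomeDirectory -DestinationPath "$dest\home.zip" -Force
        }
        # Re-stamp so the purge clock starts now (assumption about the poster's timing).
        Set-ADUser $_ -Replace @{ extensionAttribute1 = $now.ToString('o') }
        Move-ADObject $_ -TargetPath $DeletedOU
        Write-Action "ARCHIVED  $sam -> $dest"
    }
  }

# Step 3: after 90 more days, purge the archive and remove the account, unless on hold.
# The hold check comes before the age check so a held account is skipped regardless of age.
Get-ADUser -SearchBase $DeletedOU -Filter * -Properties extensionAttribute1 |
  ForEach-Object {
    $sam = $_.SamAccountName
    if ($hold -contains $sam) { Write-Action "HOLD      $sam (legal hold, skipped)"; return }
    $age = Get-StampAge $_
    if ($age -ge $PurgeAfterDays) {
        if ($PSCmdlet.ShouldProcess($sam, 'Purge archive and delete account')) {
            Remove-Item (Join-Path $ArchiveRoot $sam) -Recurse -Force -ErrorAction SilentlyContinue
            Remove-ADUser $_ -Confirm:$false
            Write-Action "PURGED    $sam"
        }
    } elseif ($null -ne $age -and $age -ge ($PurgeAfterDays - 7)) {
        # Step 4 input: accounts due for final deletion within the next week.
        Write-Action "PENDING   $sam purges in $($PurgeAfterDays - $age) day(s)"
    }
  }

# Step 4: report every action and upcoming deletion to IT and HR (assumed SMTP relay).
$body = if ($log.Count) { $log -join "`n" } else { 'No actions taken.' }
Write-Output $body
Send-MailMessage -From 'offboarding@example.com' -To $ReportTo -SmtpServer 'smtp.example.com' `
    -Subject "Offboarding report $($now.ToString('yyyy-MM-dd'))" -Body $body
```

Because the stamp is written by the script itself and an unstamped account is treated as ageless, an account that someone moved into the disabled OU by hand cannot reach the archive or purge stage until the script has stamped it, which is the same "nothing is deleted without a recorded date" property the PENDING lines in the report give HR a week to act on.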