While some businesses such as Target are already using data to foretell the future, others are still trying to figure out the basics of data management. As they grow, small and medium-sized businesses in particular will start finding that they have more data than they know what to do with. While some of this data will be essential depending on the industry, much of it is static and unimportant. When do you back up, when do you archive and when do you delete?


When it comes to data, law firms, medical institutions, small credit unions and other SMBs might need safe storage of mission-critical documents in addition to a secondary failsafe. Any data that is integral for a business to continue functioning on a day-to-day basis is considered vital – so in other words, the loss of this data would definitively result in lost revenue, productivity setbacks or a bad company reputation. In addition to its undeniable importance, this data is not easily replaced by its nature.

Picture, for example, what would happen if a small film editing studio lost all the footage supplied by a business client because of a flood. Or, what if a law firm failed to back up key digital evidence that could make or break a case? Any information such as this must be backed up securely and in such a way that it cannot be lost. As for how often to back up this data, AllBusiness.com recommended backing up your most essential data as often as once a day, and that other important records be migrated to remote storage on a fairly regular basis, perhaps once a week. There is some wiggle room, and data retention policies will vary between businesses. What matters most is that the policy protects essential data.

Temporary archiving of certain records is required by law. Temporary archiving of certain records is required by law.


Not all data is necessarily vital in the here and now, but must be kept for a prolonged period for compliance reasons. For instance, TechTarget noted that the Health Insurance Portability and Accountability Act and the Payment Card Industry Data Security Standard have issued requirements for data retention of certain medical information and payment data. Other key information such as tax forms and certain legal documentation must also be archived. Wherever possible, it’s best to automate archival of information to reduce the risk of misplacing records.

Ultimately, anything that is static and unused but may still have relevance up to a certain point in time should be archived. The goal here is to keep it out of sight and out of mind until it is needed.


Once the data has stretched beyond data retention requirements, it’s time for it to be deleted. This might be because it has been archived for the amount of time required by law, or because it has been stored indefinitely, but has not been looked at for months or years.

“Resist the urge to hoard.”

TechTarget contributor Brian Posey noted that every business needs a data deletion policy to supplement its data retention policy. This helps businesses determine when to purge, how often to purge and what to purge. Regular, secure deletion of data is vital because it frees up space for new data. Equally as important, compliance codes actually mandate that certain information is deleted after a certain period of time. Again, the ability to automate this process wherever possible can save staff a lot of time, and make sure that space is being used at maximum efficiency. Resist the urge to hoard.

In summary, back up what the business can’t live without, archive that which is rarely used but may be called upon for compliance reasons and delete everything that is needlessly hogging space. Visit our blog to learn more about how to protect and back up your company data For information on data archiving, visit our active archive page.