Data Handling and Backup Legal Requirements
Some companies have a strict regulatory policy regarding data backup. According to certain legal requirements, e.g. Financial Regulations, a company may be required to keep certain data for a particular period of time. For example, healthcare organizations submit to the Health Insurance Portability and Accountability act (HIPAA) which imposes a strict demand to keep backups of patientsí medical histories and diagnostic results. This is done to maintain data integrity and accessibility, and for audit purposes. In many commercial enterprises it is necessary to preserve financial and business documents for several years, or even permanently.
Besides this, there's always a possibility that the law will prescribe that certain data must not be kept longer than for a certain period of time, or must be destroyed at the end of a contract. For example, if an educational training exploits some live personal data, it is usually eliminated after the end of the training or demonstration (unless itís unavoidable).
Therefore, the question of correct data protection in accordance with prescribed data handling policy should also affect your choice when you architect the backup solution. It is good practice to always include the legal department when determining the data retention requirements whenever possible.
See also: User Error,