Backing up data: here's how the law sees it

The Principles on Data Access and the Auditability of Digital Records regulate the need for data backup of tax-relevant records in Germany.

Legal aspects of data backup strictly speaking involve two questions: what am I allowed to do and what do I have to do? As long as the data remains in-house, it is of course permissible to back up all data that has been legally stored. Problems can arise if the data is backed up or archived externally. As far as personal data of customers or employees is concerned, this is a transfer of data to third parties. However, even this does not pose a serious problem if this point is listed in the relevant consent forms.

What must be backed up?

 Basically, all documents must be backed up that could be needed as evidence in a civil lawsuit at some point in the future. This concerns all documents that are created due to a legal documentation obligation. This of course includes invoices, delivery notes and other business documents that serve as proof of completed transactions. But numerous other records also fall into this category. Doctors and lawyers must document the proper counseling of patients and clients, respectively, and companies must document compliance with regulatory requirements. All of these documents must not only be backed up, but also archived in an audit-proof manner. A document that can be changed at a later date has no probative value. There are numerous archiving systems available on the market that work with qualified time stamps, for example. Technically, this problem is therefore solvable.

Principles on data access and auditability of digital records

In Germany, all documents that are related to taxes in the broadest sense are subject to the „Principles of Data Access and Auditability of Digital Documents“. This is a binding administrative instruction of the Federal Ministry of Finance, which no company in Germany can avoid. The core of this instruction states that a tax auditor must be granted read access to all tax-relevant digital documents at any time upon request. This means much more than just having all the required documents somewhere on a backup tape in the basement. Documents from previous years must be backed up in such a way that the backup archives can be accessed at any time. There might be no enterprise that really fulfills the GDPdU to 100 percent. Because to the „tax-relevant digital documents“ belong for example also all internal mails, which concern tax-relevant procedures. Every practitioner should know that no company is able to filter out all the mails that someone in the company wrote to someone else years ago and that have any reference to a specific process. But for the documents that are usually relevant in the context of a tax audit, the strict requirements of the GDPdU should be observed.

Langmeier Backup

Backup for Windows

  Buy Now   Try it for free
Backup software for Windows

About the Author Sebastian Müller
partner support

Sebastian Müller is partner and top customer support at Langmeier Software, making him the best person to talk to about Langmeier backup backup solutions.

Phone: +41 44 861 15 70

Further lookup: Data backup

Articles relevant to the topic
Which backup type is the best choice for my data?
The most frequently asked questions when choosing a backup solution
FAT32 or NTFS? Which format is better for backup?

Post a comment here...

This article covers:
Legal foundations of IT security
Internet backup and law
Laws data backup
Is encryption legally relevant for data backup?