Legally Compliant Archiving

Complying with legal requirements is the main reason many organizations spend time thinking about archiving solutions. But what exactly is required to be compliant?

A Combination Several Laws and Regulations

Archiving in a legally compliant manner boils down to two key things: considering the various combinations of different legal regulations, and finding the best way to implement them in practice. The General Fiscal Law, Commercial Code, GoBD, and other regulations play key roles. Since no technical procedures are mandated by them, there is a certain scope of interpretation. The term "legally compliant", that so many vendors like decorate their archiving solutions with, has to be looked at with great attention, and must be carefully verified in each individual case.

Retention Periods and Original Conditions

Varying retention periods are one factor that has to be considered. In practice, retention periods for data that is important for taxation purposes can go up to eleven years, or even higher in special cases. To ensure that not only requirements mandated by fiscal law, but also those by civil law are met, data must be kept unmodified, and it must be possible to prove that no modifications have taken place. This can be done, for example, by using unambiguous digital signatures and security mechanisms, such as encryption.