The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

Creating and storing a backup of data is an important component of a disaster recovery strategy. It is also important to keep a backup in a remote location (ie not in the same physical location as the live copy).

A common scenario is for an organisation to record backups onto tape, disk or other physical media which are moved to a secure location. If the data is stored in an encrypted format then it will be protected against unauthorised access. It will be important however to have good key management to ensure that the data can be accessed when necessary in the future.

In the case of a long term backup or archive it may also be important to ensure that the data can still be accessed and that the encryption that was used remains appropriate over time.

An additional option is for an organisation to use a cloud-based service for offsite backup or data storage. The data would typically be transmitted over the internet and stored on a remote server managed by the third-party cloud provider. Use of a secure transfer protocol (eg TLS) will ensure that data cannot be intercepted in transit. However, it is important to remember that without additional encryption methods in place the data will only be encrypted whilst in transit and be stored on the cloud provider’s system in the same form as it is stored on the data controller’s system.

Read our guidance on the use of cloud computing for more information and advice on storing personal data in the cloud:

If the data controller were to encrypt the data prior to transmission (and keep the key secure) this would mean that the cloud-provider, or any third-party who gained unauthorised access to the data, would be unable to access the data.


Welcome Financial Services Limited was served a civil monetary penalty of £150,000 after the loss of more than half a million customers’ details. The organisation was unable to locate two backup tapes which contained the names, addresses and telephone numbers of customers. Data on the backup tapes was not encrypted.