What kind of data should a company absolutely protect or not store in the first place? - Actonic – Unfolding your potential
We have outsourced our Atlassian licensing and services business to the newly founded Seibert Solutions GmbH. Actonic's products will be further developed under the usual name.
Become an Atlassian Knowledge Champion

What kind of data should a company absolutely protect or not store in the first place?

To make data protection in your company as simple as possible, you should become familiar with the topic a little more, and clarify for yourself and your employees which data is worth protecting or which is best not stored at all to protect it from misuse.

This data is absolutely worth protecting

A company should definitely protect all sensitive and confidential data, such as:

  • Personally Identifiable Information (PII) of customers and employees.
    • Name, address, email, social security number, date of birth, etc.
    • This also includes contracts, NDAs, payment details and other terms and conditions
  • Financial information
    • Bank account numbers, sales figures, profits, stock information, credit card numbers and payment information
  • HIPAA health information
    • Name, address, birth and death dates, social security numbers, prescriptions, medical orders
    • As well as IP addresses, insurance information, biometric identifiers, photographs, and payment information
  • Intellectual Property
    • Patents, trademarks, concepts
  • Trade secrets
    • Prescriptions, software code, pricing information, specifications, or even customer lists

This data should not be stored at all

Additionally, there are certain types of data that a company shouldn’t store in the first place to avoid getting into trouble:

  • Passwords and authentication information in plain text. These should always be encrypted.
  • Data that is not relevant to business operations or purposes. Remember storage limitations.
  • Data obtained through illegal or unethical means, such as hacking or phishing.
  • Data that violates privacy or human rights laws, such as ethnic information, political or religious beliefs, and sexual orientation.


If you’re an organization that needs to evaluate the importance of data privacy, always look at the sensitivity of the data as well. Actonic’s data privacy compliance service will be happy to assist you.

Discover our Apps for Jira and Confluence