Not all data is the same nor does each piece of information require the same levels of protection. Some information requires no protection, some needs to be locked down and monitored so you know if it has potentially been compromised. Different pieces of data also have different lifespans. Some isn’t worth keeping at all, other information needs to be saved indefinitely in a format that you can access on demand.
Failing to comply with these requirements can mean big problems. You could face government fines and penalties as well as a public relations nightmare in more high-profile situations.
You might be thinking that that these rules and regulations don’t apply to you as a small or midsize business, that they’re really aimed at the Fortune 500 firms and big multinational corporations that have even bigger troves of data.