G
Glyde
Get Started Free
All templates
InsuranceIT & DevOps

SOP Template: Data Backup for Insurance

Free data backup SOP for insurance agencies. Covers AMS backup, client data protection, and disaster recovery procedures.

March 12, 2026·6 steps·12-point checklist

Purpose

Protect client policy data, financial records, and agency operations from data loss through systematic backups and tested recovery procedures. An insurance agency that loses its AMS data loses its entire book of business — client information, policy records, and commission data that took years to build.

Scope

Covers backup procedures for the AMS, email, financial records, carrier documents, and business continuity planning. Does not cover cybersecurity incident response (separate SOP).

Prerequisites

  • Backup software and storage solution selected and configured
  • Data inventory identifying all critical systems and data stores
  • GLBA Written Information Security Program (WISP) on file
  • Recovery time objectives (RTO) and recovery point objectives (RPO) defined
  • Offsite or cloud backup location established

Roles & Responsibilities

IT Administrator / MSP

  • Configure and maintain backup systems
  • Monitor backup completion and resolve failures
  • Execute recovery procedures when needed

Agency Principal

  • Approve backup strategy and budget
  • Ensure GLBA compliance for data protection
  • Authorize disaster recovery activation

Office Manager

  • Verify daily backup completion notifications
  • Maintain the business continuity plan
  • Coordinate with staff during recovery scenarios

Procedure

Identify every system and data store that must be backed up: AMS (Applied Epic, Hawksoft, AMS360), email, accounting software, carrier correspondence, scanned documents, and any local files. Classify data by criticality: the AMS is the highest priority — without it, the agency cannot service clients or track commissions.

  • aList all systems containing client or business data
  • bClassify each system by criticality (critical, important, low)
  • cIdentify data storage locations (local server, cloud, individual workstations)
  • dDocument data retention requirements for each data type
  • eCalculate total data volume for backup capacity planning

Completion Checklist

0/12

Key Performance Indicators

Backup success rate

99.9% of scheduled backups complete successfully

Recovery test pass rate

100% of monthly tests restore data successfully

Recovery time

AMS restored within 4 hours (RTO)

Data loss window

Maximum 24 hours of data loss (RPO)

Revision schedule: Quarterly, or after any data loss incident, backup failure, or change to backup infrastructure.

Why This Matters for Insurance

An insurance agency's data is its business. The AMS contains every client record, policy, commission statement, and activity note accumulated over years or decades. Losing this data — through hardware failure, ransomware, natural disaster, or accidental deletion — can be a business-ending event. Agencies have closed permanently after data loss events. Beyond business survival, GLBA requires insurance agencies to protect customer data, and state regulators can take action against agencies that fail to maintain adequate data protection. Backups are the last line of defense when everything else fails.

Common Mistakes

  • ×Running backups but never testing recovery — 30-40% of untested backups fail to restore when needed
  • ×Storing backups only on-site, so the same event that destroys the server also destroys the backups
  • ×Not encrypting backup data containing client information, violating GLBA requirements
  • ×Relying on the AMS vendor's cloud hosting as the only backup without an independent copy — vendor outages happen
  • ×Not verifying daily backup completion, so a failed backup runs unnoticed for weeks until data is needed

Insurance-Specific Notes

Insurance agencies are subject to GLBA Safeguards Rule requirements for protecting customer nonpublic personal information. State insurance departments may have additional data protection requirements. Many carrier contracts require agencies to maintain adequate data backup and security. For agencies using cloud-based AMS (Applied Epic Cloud, Hawksoft Cloud), the vendor provides primary hosting and backup, but the agency should maintain an independent data export/backup as a safeguard. For agencies with local AMS installations, the agency is fully responsible for backup and recovery. Ransomware attacks specifically target insurance agencies because of the sensitive data and willingness to pay — tested, isolated backups are the primary defense against ransomware.

Frequently Asked Questions

Learn More About Data Backup & Recovery

For a deeper look at building onboarding documentation, see our complete guide.

Related Templates

More SOP templates

Insurance·Operations

Insurance Change Management Standard Operating Procedure Template

Free change management SOP for insurance agencies. Covers policy endorsements, system migrations, and carrier changes.

Insurance·Compliance & Legal

Insurance Compliance Audit Preparation Standard Operating Procedure Template

Free compliance audit preparation SOP template designed for Insurance Compliance & Legal teams. Includes step-by-step procedures, checklist, roles, and KPIs.

Insurance·Customer Support

Customer Onboarding SOP Template for Insurance Teams

Free customer onboarding SOP for insurance. Covers policy review, coverage explanation, and client portal setup.

Record It Once

Record your backup procedures with Glyde

Walk through your data backup and recovery process once. Glyde captures every step and generates an SOP your IT team can follow — so when disaster strikes, recovery is documented and tested.

Try Glyde Free