Laboratory result data – Part 1: Why data preservation matters, and when Excel may not be enough

What happens to laboratory data after the measurement?

A laboratory produces data every day. Measurement results, calibrations, control samples, method validations, all of it accumulates through hours of work, calibrated instruments and method expertise.

But what happens to that data once the measurement is complete?

Where is it stored? Who is responsible for keeping it? And what happens if it's needed years later and can no longer be found?

These questions are often left in the background, even though they are precisely what determines whether the work done is ultimately verifiable.

Laboratory data is more than just numbers

Laboratory data is not just a row in a spreadsheet. It is:

evidence of quality for the customer
proof to the authorities that requirements are met
documentation in the event of a dispute
the basis for non-conformance investigations
historical material for trend analysis and continuous improvement

Beyond the test results themselves, laboratories accumulate a significant amount of other data whose preservation is equally important: calibration records, control sample results, comparison measurements, and method validation data. This is the material relied upon when someone asks why a measurement result can be trusted.

In many industries, the retention periods for result data are not short. They are determined by standards, regulatory requirements and customer agreements, and they can range from years to decades, in some cases the entire lifecycle of the product.

This sets a simple but demanding requirement:

data must remain intact, unaltered, and accessible throughout this entire period.

What requirements apply to laboratory data

Requirements vary by sector — ISO 9001 and ISO 17025, GMP, HACCP, EN standards, customer audits, and where applicable GDPR, but their core is very similar.

Data must be preserved, changes must be traceable, and the original information must remain retrievable even years later. At the same time, the system needs to withstand human errors, equipment failures and cyber risks without critical information being lost.

How to ensure that data is preserved

In practice, these requirements are met using one established principle: 3-2-1 backup.

It means:

3 copies of the data
2 different storage media
1 copy in a geographically separate location

3-2-1 backup diagram showing AILABIS primary servers in Northern Europe, automated daily backup to Central Europe, and monthly on-site physical backup.

In practice, data is not kept in just one place or one system, but is distributed across different servers, different storage solutions, and often different geographical locations.

The idea is simple: a single point of failure must not be enough to destroy the data.

Where Excel reaches its limits

In many laboratories, daily work still revolves around Excel. That's understandable because Excel is powerful, flexible and a familiar tool for working with results.

The same pattern also appears in laboratories that have a LIMS system in place. If the system is heavy, rigid or slow to use, part of the data still ends up in Excel, simply because working there is faster and more flexible.

The end result is often that critical data becomes scattered across several places, and the overall picture is no longer fully under control.

When Excel is used for the long-term management of laboratory data, certain limits become unavoidable:

the data depends on one or a few files
version history is not reliable
changes don't leave a proper audit trail
backups are not transparent from the user's point of view
file corruption or accidental overwriting is a real risk

Long-term retention, traceability, auditability, and system-level backups are things that are not realistically achieved with a model built around Excel.

Not because Excel is a poor tool, but because it was never designed to be a system for this purpose.

AILABIS in practice

AILABIS Results is built for exactly this.

Results are saved automatically as soon as they are entered. The system includes a built-in audit log that always records:

who entered or modified the data
when the change was made
what the original value was
what the new value is

Illustration of laboratory data preservation showing a laboratory technician uploading results to AILABIS Cloud, with a timeline from 2026 to 2036 and a magnified audit trail demonstrating complete traceability over time.

Backups follow the 3-2-1 principle: multiple copies are kept, on different storage solutions, geographically distributed.

At the same time, the system has been kept light and flexible to use. Results, calibrations, control samples and other laboratory data can be organised according to the laboratory's own structure, without the everyday work becoming cumbersome.

From the user's point of view, this doesn't appear as complexity, it appears as the confidence that the data is preserved.

But this is no longer the whole story

A few years ago, this would have been enough for most. If the data was safe, backed up and recoverable, things were in order.

Recent political developments, however, have brought a new angle into the conversation. Across Europe, there is increasing discussion about digital dependency, and about the fact that much of European data ultimately sits in the hands of companies based outside Europe.

At the same time, data preservation has become a second kind of question:

not just whether the data survives, but where it is located and under whose legislation it is processed.

It makes a difference whether the data is:

in a service hosted in Finland
in a wider European cloud
or in the hands of a US-based company, even if it is physically located in Europe

This is no longer a purely technical detail. It defines who can gain access to the data and under what conditions.

In the next part, we'll look at this more closely and explore what the CLOUD Act means in practice.