The aim of the article is to characterize the specificity of business information and issues related to ensuring their security on the example of the Business Information Bureau. The analysis covered the National Debt Register of Business Information Bureau S.A., which is the first and one of the largest entities of this type operating in Poland. The article first discusses the specific nature of business information as a special type of information regulated by the Act dedicated to it. The following part analyses the functioning of information security systems and procedures in the company’s business information security. This analysis is to illustrate how the requirements imposed on business information offices were implemented in practice in the scope of an information security management system.