"

Estimated reading time: 2 minutes, 39 seconds

Keeping Your Donor Data Safe

Technology plays an important role in most organization’s day-to-day activities. Donor information is stored in a database, fundraising is done online and volunteers carry laptops to offsite fundraising events. With all that information floating around in cyber space, it is no longer a case of if your organization will suffer a data breach, but when. A constant threat is now lurking, so it is vitally important you take all the steps possible to keep your donor data safe. 


In the event of a data breach, your organizations’ failure to keep your donor’s information safe can have serious financial repercussions. So how do you keep your information safe? In order to keep your donor data safe you have to know where it is, a few years ago, the answer was simply locked in a file cabinet in the director‘s office. 

Not so anymore, now data can be on multiple computers, or in the cloud. Why there might even still be some in a file cabinet somewhere. After you know where all your data is then you can determine what data is sensitive (items such as social security numbers, credit card numbers etc) and must be protected. 

Once you determine what data is sensitive you can create a plan to secure that data. Your plan should be a written policy that covers what data is accessible and who can access it. You can even have language in the policy that covers how you will collect the data. 

One of the easiest ways to keep donor data safe is to restrict access to the data. The more people with access to your sensitive information the bigger chance of a data breach.  Only the people who directly need the information should have access to it. On the other side, don’t prevent those who truly need access to the information from getting it. This will only make them circumvent your security to get the information they need. 

Another simple way to keep donor data safe is to refrain from collecting information you don’t need. Don’t collect a donor’s social security number unless there is a legitimate reason your organization needs that information. 

From a technology, standpoint, if you are going to keep your data in house then you needs to be serious about keeping it safe. Your organization should have multiple layers of protection including firewalls, password protection, encryption and even a special locked room for your servers. 

Because it can be very expensive to remain up to date on security and technology, many organizations choose to store their data in the cloud. The company providing the cloud storage is responsible for keeping the data safe from a technology standpoint, but the organization should still have policies in place for who can access the data. 

Lastly, consider a cyber insurance policy for your organization. A cyber insurance policy will cover those technology items not covered by standard liability insurance including damages to computers/computer systems, whether by error or the result of malicious attack. The policies also cover fraud, unauthorized access, theft of data and computer sabotage.
Read 20343 times
Rate this item
(0 votes)

Visit other PMG Sites: