PRODUCTIVITY

Managing Data Security For Your Charity

Rob Burns

"Know your data"

No matter the scope or purpose of your charity, it is likely it holds a substantial amount of data about individuals working within the organization, or individuals you work for, on behalf of the organization.

Data stored, relative to your charity, is likely to be 'private' data. In order to conform to legalities, and to evade costly fines concerning to the misuse or mismanagement of personal data, you must ensure that all information stored by your charity is kept accurate, secure and up-to-date.

 

What Are The General Rules?

If you practice data capture and hold information about people, such as donors, customers, and campaigners, in most western countries you are legally obliged to protect that data. You must:

  • Only collect information when you need it for a specific reason
  • Hold the data as private
  • Only hold as much information as you need
  • Keep it for only as long as you need it
  • Let the subject of the data to see it whenever requested
  • The ICO offers further guidance for charities, including a free one-day data protection review

 

How Can I Improve The Data Protection In My Charity?

  • Guarantee all staff are fully trained. Personnel should receive data protection training to explain how they should handle and store personal data.
  • Only keep data for as long as necessary. Ensure your charity has recognized retention periods and has put a procedure in place whereby personal information is removed when it is no longer essential.
  • Set up a system for updating information. If possible, ask individuals on the database to take a moment to check and update their records.
  • For larger charities and organizations, it may be essential to outsource data storage to experts. Check their data protection policies and credentials to ensure they are dependable and responsible.
  • Encrypt laptops, backup disks, and any portable devices. Also, consider installing a remote 'wiping' solution that will delete your hard drive in the event it is stolen.
  • Let your users and staffs know what you aim to do with their data: they should know whom it is going to be shared with and how it will be used. They also have the right to correct any information if it's incorrect. If you obtain information by saying it is for a definite purpose, this is the only purpose it can be used for. E.g., you wouldn't be able to send a fundraising request to someone who has provided his or her email address just to receive a newsletter.
  • Ensure you have a tough password on files and portable devices: Use symbols and lower and upper case letters.

 

What Are The Benefits Of An Efficient and Successful Data Handling Policy?

Dealing with data safely makes decent business, and can bring a range of benefits for your organization. You will guard your charity's reputation, increase donors' and volunteers' assurance in the running of your organization, and - by making sure all information is kept correct - save both time and money when marketing to your fundraising base.


To get all the benefits of Launchcloud or to just find out how Launchcloud can help your creativity thrive, sign up here for free.

Related stories