Data Security

One thing you learn in management school is that trust, like respect, is given — not taken. It has to be earned over a long period of time and can be easily eroded by a single mishap. That is equally true of the relationship between fundraiser and donor. The fundraiser communicates the need, and the donor trusts the fundraiser as a representative of the cause to be a responsible steward of the donated money. One slip and the donor’s confidence in the cause’s ability to use the gift wisely may be damaged.

The conservative political group Citizens United has won a ruling from federal election authorities that it does not need to disclose the donors that finance its political documentaries. Citizens United successfully argued to the Federal Elections Commission that because it primarily produces films, it should be considered a media organization and be exempted from disclosure requirements for political activist groups.

No area of fundraising intertwines development staff and donors in more personal relationships than planned giving.

In many cases, all a prospective donor asks is that a development executive supply generic information about how a particular gift plan might function, what the payment rates or tax deduction might be, or whether an organization can serve as a trustee.

Having a donor privacy policy on your site is a must for nonprofit organizations collecting donor information online. But having a privacy policy doesn’t necessarily mean you’ve got the whole privacy issue taken care of. The Cleveland Museum of Natural History has a donor privacy policy and bill of rights posted on its Web site. But Bill Lynerd, chief development officer of the museum, says one thing that’s recently come up for the institution is the question of whether or not it’s a privacy issue to post its annual report — along with the names of donors who contribute $15,00 or more a year

Knowing personal information about constituents in the online sphere allows organizations to provide visitors with more personalized and meaningful communications and services. But with this benefit comes the danger that the personal data you collect could be misused or its security breached. Donors know the dangers inherent in providing an organization personal information and will be reluctant to do it unless the organization can ensure them of its safety and intended use. In the whitepaper “The Growing Concern for Privacy Online” for the National Association of Colleges and Employers Technology Committee, authors Judy Applebaum, Shirley Marciniak and Paula Quenoy recommend that all “Web

Whether you’re dealing with customers, members, donors or clients, keeping their personal information private, especially in the seemingly insecure environment of the Web, is a key concern. One way to reassure donors that their personal information is secure is to include a privacy policy on your Web site that lets them know things like what information you collect, how that information is used, what happens with cookies, the opt-out process and who to contact with questions about privacy issues. The No. 1 tip offered by the Direct Marketing Association when it comes to constructing a privacy policy is to keep it simple. The

 OK, OK, I’ll admit it … my mother was right — but, please, don’t tell her!! Turns out that some of the lessons she taught me can apply to the ethical collection and use of personally identifiable data, and other privacy issues. Here’s how: Lesson ONE Don’t talk to a person about something affecting them if they did not personally tell you. Always make sure that you collect information from constituents in an opt-in manner and give donors ample opportunities to help you collect this data. A good example of this is using check-off boxes on event-registration forms,

Through a program called Free is Free, e-mail security software is free for the taking for nonprofit organizations small and large that provide things such as food, medicine, shelter, emergency services and education to children in need.

The program is being offered by Newburyport, Mass.-based e-mail security company Declude. It was inspired by an encounter that Declude CEO Rich Person had with Pennye Nixon-West, founder of ETTA Projects, a Seattle-based organization that provides education, economic opportunities, food and health care to help Bolivian mothers feed their families and escape poverty.

Individuals in today’s workplace, whether nonprofit or for-profit, often make two common errors when thinking about privacy and information security. First, people tend to think of information security as a technology problem — making it all about firewalls and encryption. Designing a truly secure information-handling system instead requires a holistic approach that uses technology components but that first must address business processes, policies and, most importantly, people. Many serious and successful hacking attempts begin with what hackers refer to as “social engineering” — they compromise the human components of the information system rather than the electronic ones. Second, people often think of information

The white paper “Striking a Balance: Privacy and Data Protection Strategies for Higher Education” by Trusted Network Technologies and made available by Knowledgestorm looks at the challenges universities face in protecting the privacy of their faculty, staff, students, alumni and donors while making their information available to those who need it. From February 2005 to June 2006, there were 68 breaches of personal digital information at U.S. universities and colleges, the paper reports. In the face of this negative publicity, colleges and universities are faced with the challenge of maintaining the trust of alumni and donors, as well as students, parents and faculty. Trusted