Does your nonprofit have a firm grasp on how it’s policies towards the use of technology, especially social media, reflect its values and mission? Nonprofits exist to advance the public welfare and best interests, as they attempt to solve major social ills. Using technology can make it easier to achieve your goals and other objectives, helping you to measure and improve performance, and increase transparency, but it is not without risks.

Are your data handling policies up to the public’s expectations and the requirements of regulatory bodies? Any breach of security is also a breach of trust, as NFPs are held to a higher standard than other organisations in the for-profits sector.

Review the following areas of data handling in your nonprofit to determine if your NFP has adequately assessed these risks. Consider the steps that your nonprofit can and should take to mitigate the potential for theft, misuse, accidental disclosure or other loss.

Utilisation

How does your NFP collect and use data to improve governance? Are you putting software, apps and other technology to their best use to improve the accuracy and efficiency of collecting data and using it to improve results in critical areas such as member services, volunteer management, recruiting and training, donor acquisition and retention, fundraising and so forth? Is everyone in your organisation fully trained on how to use the technology to both improve outcomes and measure your performance?

Storage

What types of storage does your nonprofit use to protect its digital information? Do you utilise hard copies and local storage for backups? Have you taken steps to secure the integrity of your information and prevent its accidental or unauthorised release? Does your nonprofit take advantage of cloud storage technologies to both improve the accuracy and security of your NFP’s information?

Protection

Are you doing enough to protect the privacy, sensitive data, demographics and other information about your staff, donors, members, service beneficiaries and other stakeholders? While you may have deployed various local measures, what about the information you share with outside third parties? Many social media channels collect personal, identifying information about their users, have you taken steps to protect your followers when they share information with you via one of these platforms?

Are board members, staff, volunteers and others connected with your organisation fully trained on security measures and how to use two-factor authentication, secure VPNs and separate logins and passwords to protect your nonprofit’s digital data? What about your internal processes? Do you have controls in place to limit the number of admin accounts for your financial software, apps and other programs? Do you use controls that track users and the dates and times that they access sensitive information?

Since each nonprofit will use and deploy technology in a very customised way, the approach that your NFP takes to minimise the risk of a data breach should also be highly customised. Focus on how to best advance your mission while respecting your values, improving oversight, increasing transparency and protecting the rights and privacy of all of your stakeholders. At the very least, your nonprofit should be open to investing in the updates and upgrades that enhance the security of your information, while improving your effectiveness!