Cyber-attacks and data breaches are growing significantly among nonprofits. As accounting software consultants, it is important to advise nonprofits as to where their data is, who has access to it, and how to protect it.
Many organizations focus on funding losses or damage to their nonprofits’ reputation. Data breaches can cause just as much damage to your nonprofit, but gets overlooked quite consistently. BizTimes states, “The key for nonprofits is to implement cybersecurity policies and practices.” Nonprofits handle sensitive data daily, so it is expected they will be targets of a data breach.
Data breaches can result in serious consequences, such as your nonprofit being fined, facing lawsuits, or losing your donors and member’s trust.
There are many possible ways for your nonprofit to safeguard their donors’ data, but we have come up with six steps to follow. Not all steps will be time-consuming and cost your nonprofit money, but they are simple ways for your nonprofit to approach data management. These steps will help protect the privacy of your donors’, employees’, and volunteers’ data.
Six Steps to Keep Your Nonprofit’s Data Safe
- Understand data privacy regulations: Regardless of where you live, it is important to understand which data privacy regulations apply to your nonprofit. If you collect donor data, membership data, or data on those receiving your nonprofit’s services, you are a potential source of a data breach. It would be wise to take inventory of all your data sources as soon as possible. Do not forget about your volunteers and employees. Their social security numbers, names, addresses, and email information could be a source of a data breach
- Determine where all your data is stored: This step sounds easier than it looks. Your nonprofit’s data could be stored on multiple servers, in the cloud, or a combination of both. Do not forget to look for any copies that could be on external hard drives or memory USB drives.
- Classify your data: Separate your data into specific classifications based on how sensitive the data is. Data, such as credit card information, health records, and social security numbers are highly sensitive data files. Other data that is considered less sensitive would be names and addresses. A good rule of thumb is, if information can easily be found in a public domain, it is not sensitive data.
- Create and update policies: A data policy provides guidelines as to who can view, access, store, and utilize your data. If your nonprofit has not updated their policies for years, this can be more problematic than not having policies at all. Be sure to include how all data will be backed up and updated in the future.
- Create an emergency plan: In case there were to be a data breach, what would be the steps everyone would follow to lock down the remaining data, alert those who are affected by the breach, and ways to safeguard your nonprofit against future breaches?
- Train your staff: It is important to train your staff thoroughly in how to safeguard and protect your nonprofit’s data. It would also be good to train them on basic internet security practices and how to avoid phishing scams and viruses, if possible.
Consider a Data Protection Insurance Plan
Do you need peace of mind in knowing that your nonprofit can be covered in the event you experience a data breach? If your nonprofit handles highly sensitive data, we would highly advise, as accounting software consultants, to consider specific insurances that would cover data theft, losses, or cyber-attacks. Having insurance would ensure that your organization could recover from and repair the damages made.
Data breaches by cyber-attacks are becoming more prominent in the nonprofit world. No one likes to think about it or the data that could be stolen, but it is a smart move to take the steps now to improve your nonprofit.
RBP Methods is a nonprofit software and consulting firm that helps right-brained people navigate a left-brained world. We understand how hard it is to ask these tough questions and to change your nonprofit’s mindset. We offer a wide range of services as accounting software consultants, who are focused on helping nonprofits manage their accounting and financial needs. Our software choices include Ablia, Accufund, and other nonprofit accounting software. For more information, visit RBP Methods or call us at 503-648-9051 for a consultation.