It’s no secret that data has become a new currency for businesses of all sizes. That being said, however, there are still some industries that have been slower to adapt to this new way of thinking than others. For example, the nonprofit sector has historically been very guarded with its information and strategic plans; especially those concerning donors and investors. Readers who follow our blog regularly know that security concerns have been top-of-mind lately. Between breaches of sensitive data at major retailers such as Home Depot and Target and the recent discovery of insider threats at hotels like the Ritz Carlton and Hotel New Delhi, we have seen just how quickly sensitive information can be leaked everywhere.
What Can Be Considered Sensitive Data?
There is no strict definition for sensitive data. However, the data that is most often considered to be sensitive for industries such as nonprofits are of a financial and/or personal nature. These types of data can include: – Employees’ Social Security numbers – Customers’ credit card numbers and/or banking information – Investors’ income information and/or financial data – Details about the organization’s strategic plans The above list is not exhaustive, but it gives a good indication of the types of data that should be considered sensitive.
Why is Properly Handling Sensitive Data Important for Charities?
The primary reason why nonprofits should carefully handle all types of sensitive data is GDPR, which is a European Union law that came into effect in May 2018 that regulates how organizations handle personal data. This law will likely have a knock-on effect on American businesses, requiring them to tighten their belt on what they can and cannot do with sensitive data. The GDPR law comes with some hefty fines for organizations that do not adequately protect customer data. In addition to GDPR, there are many other reasons why charities need to be careful with sensitive data. One of the most obvious ones is that charities rely heavily on donor sentiment. If donors feel their information is not properly protected, they are less likely to donate to your organization and/or recommend it to others.
How to Properly Handle Sensitive Data for Charities?
The first step to properly handling sensitive data for charities is to create a centralized data management system. This system should be designed to keep information safe from cyber threats and be able to provide auditable data for regulators. There are many types of data management systems, which vary in complexity and cost. A labeling system will allow you to mark which files contain sensitive data and mark them appropriately. This is especially important if you store data in the cloud, where you will not be able to physically mark the files. A data security policy that is enforced by all employees is another important tool in the fight against data leaks. This policy should include a list of what constitutes sensitive data, what employees should do if they come into contact with this data, and what to do if a breach occurs.
Conclusion
It’s no secret that data has become a new currency for businesses of all sizes. That being said, however, there are still some industries that have been slower to adapt to this new way of thinking than others. For example, the nonprofit sector has historically been very guarded with its information and strategic plans; especially those concerning donors and investors. What can be considered sensitive data? There is no strict definition for sensitive data. However, the data that is most often considered to be sensitive for nonprofits are of a financial and/or personal nature. Why is properly handling sensitive data important for charities? The primary reason why nonprofits should carefully handle all types of sensitive data is GDPR, which is a European Union law that came into effect in May 2018 that regulates how organizations handle personal data. In addition to GDPR, there are many other reasons why charities need to be careful with sensitive data. How to properly handle sensitive data for charities? The first step to properly handling sensitive data for charities is to create a centralized data management system. This system should be designed to keep information safe from cyber threats and be able to provide auditable data for regulators.
ALSO READ
