Meeting our Privacy Obligations
As fundraisers one of our key stewardship obligations is to take care of our donor’s information. At the very least we enter their information into our fundraising database, we apply passwords, and we usually rely on our fundraising software to deal with credit card security. All well and good but what about the information we hold in hard copy? We often have hard copy correspondence from donors which may contain bank account details, changes of address, credit card numbers or letters telling us personal stories that really shouldn’t get into the public domain.
So what is your organisation’s policy about document retention and destruction?
We all know that financial documents should be kept for at least 7 years but what obligations do we have about other kinds of documentation.
The most pressing privacy issue for most fundraisers is a breach of the PCI security standards. These international standards apply to all credit card merchants, and they help to ensure healthy and trustworthy payment card transactions for the hundreds of millions of people who use credit cards everyday. The implications of a security breach are enormous and include loss of donor confidence, fraud losses, fines and penalties, termination of ability to accept credit cards, and potentially losing your reputation.
Security breaches can arise from paper stored in a cupboard, a compromised card reader, data in your fundraising software, excel spreadsheets, tapping into your network, key stroke logging which can be installed through a virus and password skimmers.
The best advice from the international body which promotes PCI compliance is not to store any card holder data!
So the key question for you and your database administrator is what do you do with card holder data that comes through the mail, or electronically through your website, or by email, or card holder data that comes over the phone?
For most organisations regardless of the number of transactions per annum, a minimum requirement is for the organisation to complete an annual self assessment of its security procedures and processes. Some credit card companies provide educational webinars.
As fundraisers, we recommend that you prepare a written policy on your security procedures and you may share this with your donors, perhaps on your website.
Make sure that your telephone operators and anyone else who may come into contact with card holder data are briefed on your security policy.
Securely destroy all card holder data in hard copy as soon as it has been entered into your fundraising software, and don’t leave any mail laying around that might have card holder data contained within it. Watch out for hand written notes taken over the telephone. Don’t ask for more information than you need.
So that’s your credit card data in your office. What about your data that’s held elsewhere?
Working with Contractors
When you outsource fundraising projects or tasks to other individuals or contractors you need to ensure that your data related to your donors is protected to the same degree that you do this in-house.
Diane Weatherhead, an expert in information and record keeping, advises that record keeping requirements and responsibilities should be clearly understood by both parties because your donor information is both an asset and a liability. It’s your intellectual property and any breach of privacy can affect your brand and your ability to fundraise.
Treat your donor information as if it were a tangible asset. Agree on what records are to be passed over, and then passed back at the end of the contract. Maintain clear guidelines on how long the contractor can retain the records, and what they can do with them. Ensure that the contractor knows how to dispose of records (if necessary) and keeps an appropriate schedule of what they have done with the records, particularly if they destroyed anything.
Diane also advises that all contracts or agreements with contractors contain a provision to ensure best practice record keeping.