Data Center

How Nonprofits Should Store and Protect Donor Data

By properly storing and managing information, nonprofits can improve fundraising and efficiency while maintaining their donors’ trust.

Calvin Hennick

Calvin Hennick is a freelance journalist who specializes in business and technology writing. He is a contributor to the CDW family of technology magazines.

Perhaps as much any other industry, nonprofit organizations rely on data as their lifeblood.

While a retailer could conceivably still attract shoppers and make sales even if its customer data somehow disappeared, most nonprofits would be completely crippled without their donor lists. Without ready access to information about who gives (and how, why, when and how much), charities would struggle to raise the revenue they need to simply keep their doors open.

This makes it critically important that nonprofits be strategic about storing, securing and sharing donor data.

Tools That Will Maximize Donor Data

There are a host of on-premises and cloud data analytics and storage tools nonprofits can use, but a popular type is customer relationship management software. CRM platforms allow organizations to store donor data in ways that make the information easily accessible for critical tasks. For instance, CRM systems can simplify donor segmentation, allowing charities to personalize communications for smaller groups of donors.

These tools can also help cultivate donors, giving nonprofits ready access to information about engagement history — which will, in turn, provide the necessary context to help communications teams decide which strategies will work best to encourage donors to increase the size of their gifts.

Nonprofit teams can also use their CRM tools to better understand when donors are in danger of falling away from the organization, ultimately improving their donor retention rate.

Nonprofits Must Protect Donors’ Information

Simply put, data security is essential for maintaining donors’ trust. If a data breach results in donors’ personal or payment information being compromised, it could take a nonprofit years to recover from the hit to its reputation.

There are a number of steps that nonprofits should take to protect donor data. Charities can restrict access to only those within the organization who need it, and use password managers and multifactor authentication from providers like Azure and RSA. They should also ensure that third-party payment processors comply with security best practices.

Nonprofit websites must have SSL certificates and should adopt a defense-in-depth strategy that incorporates tools like anti-virus, anti-malware, firewalls and intrusion prevention systems. Finally, global charities must comply with General Data Protection Regulation (GDPR) rules, and should take advantage of risk assessment tools and other solutions to do so.

When Can Donor Data Be Shared?

Nonprofits often have an opportunity to earn revenue or gain access to new donor lists by selling or sharing their own donors’ information with others, but doing so can come at a steep price. Donors may feel turned off — or even downright betrayed — if an organization shares their information with other charities. The nonprofit fundraising site Raise-Funds bluntly calls it “bad practice” for nonprofits to give away their donor lists, and says it’s “even worse” to sell them.

CharityWatch reports on nonprofits’ donor privacy policies, sorting them into one of the following three categories: those with a no-sharing policy, which never exchange donors’ information for third-party fundraising or marketing; those with an opt-in policy, which do not share information unless donors explicitly grant permission to do so; and those with an opt-out policy, which reserve the right to share information unless donors ask them not to.

Even organizations with an opt-out policy should provide clear instructions for how donors can withhold consent to share their information. Nonprofits that don’t provide these instructions do not satisfy CharityWatch’s Privacy Policy benchmark. They also risk alienating their own donors — an outcome that no nonprofit can afford.

donald_gruener/Getty Images