Secure Data Storage: Nonprofit CRMs should use secure servers and encryption technology to protect data both in transit and at rest. It's important to ensure that the CRM software being used is regularly updated with security patches and that all data is backed up regularly. At ResultPlus Online, your data is stored in our secure onsite datacenter and also backed up offsite in a world-class data center. We take care of the security.
User Access Controls: Access to sensitive data in nonprofit CRMs should be restricted to authorized users only. User access controls should be implemented, and all users should be required to create strong, unique passwords. Additionally, user accounts should be reviewed periodically to ensure that access is still necessary and appropriate. Organizations should have a user policy in place to ensure only the necessary users are accessing the database.
Privacy Policies: Nonprofits should clearly communicate their data privacy policies to stakeholders, including donors and volunteers. These policies should outline what data is collected, how it's used, and who it's shared with. They should also provide information on how stakeholders can opt out of data collection and how to request that their data be deleted.
Staff Training: Staff are the first-line defense! It's important to ensure that all staff members who have access to sensitive data are properly trained in data security and privacy best practices. This includes training on how to identify and avoid phishing scams, how to create strong passwords, and how to identify and report suspicious activity.
So, why is all this important? Implementing data security can prevent fraud and phishing; just one breach can ruin an organization’s brand and send donors running for the hills. But, a robust security and privacy program can help to build trust with donors and volunteers and enable nonprofits to fulfill their missions more effectively.