Overview
With
privacy legislation in place or pending in many jurisdictions, it
is of critical importance for organizations to review their
policies and procedures regarding the collection, retention,
maintenance and protection of prospect and donor information.
-
Organizations should have a clear idea of what personal
information they have in their possession and where it is
housed.
- They
should ensure this information is secured and accessible only to
those who need to use it.
- They
should ensure that all information added to both electronic and
hard copy files passes a simple test: ask yourself if you would
feel comfortable having the donor read the information you are
putting in the file.
- They
should ensure that all staff members in your area are aware of
the broad implications of privacy issues for the work that they
do.
- At points of
data collection there should be an opt out for constituents.
- Advancement offices should have
a third party (for mailing or processing house) agreement that
protects the use of personal information.
- Universities need to establish a
process of how to handle requests from prospects/donors to see
their file. The divisions and schools should not
handle this on their own as personal information needs to be
collected from a variety of sources and presented to the individual in its
entirety.
Universities should also be aware there is normally a time limit to
gather and
present this information.
Institutions normally have many privacy related
policies and protocols but they can only work if each individual
takes into account the importance of privacy and
confidentiality in his or her own work.
Audit Your Information Usage
The purpose
of this privacy audit questionnaire is to help determine what personal information is collected,
maintained and used by an institution.
Personal information means information about an identifiable individual,
such as name, address, giving history, and other biographic information.
Personal information includes information
about prospects, alumni, donors, volunteers, and any others.
The data that is collected can be used to assess compliance with
institutional privacy policies and to help access the information
needed to process requests received from individuals or legal authorities.
|