Data Security and Privacy
Data security and privacy are facing increased challenges as service providers work remotely and demands for services increase.
Claire Wiley, the Director of Data Systems & Program Evaluation at The Door (a holistic youth services non-profit agency in New York City) highlights three key principles non-profit organizations must consider when it comes to maintaining data security and privacy for their organizations and program participants: compliance, ethics, and trust.
Compliance captures the essential regulations by which an organization must abide, based on the services it provides. For The Door, especially given its robust in-house Adolescent Health Center, this means having to follow regulations from HIPAA and complex federal laws and rules about how data is kept.
Next, Wiley emphasizes ethical considerations of the data being approached, which she notes is particularly important for non-profits that are mission-driven and fundamentally committed to the wellbeing of their program participants. “Beyond what's required of us by law, there are our clients: we're collecting data on vulnerable populations of people: young people, immigrants, homeless youth,” says Wiley. “We have an enormous responsibility to be good stewards of that data just for the wellbeing of our clients, which is our top priority.”
Finally, clients need to trust that their information is secure; “our clients to feel comfortable disclosing information to us so that we can provide them with the best possible services,” says Wiley, noting that this trust is perpetually evolving in today’s data landscape; “the world has become more digital and data has gained new value that it didn't use to have.” The prioritization of trust entails that questions around data privacy and security cannot be relegated to solely the non-profit organization and staff. Program participants must be an integral part of that conversation.