What You May Not Know, But Should, When Adding Technology

Image: Jeff Sheldon https://unsplash.com/photos/9dI3g8owHiI/download


Having just figured out the “emoji,” I get how difficult it is to keep up with technology. Let alone the evolving issues that come with it.

As my Netsquared chat (deets here if you’re in Houston) on nonprofit technology quickly approaches (Eek!) I’m ironing out the legal points to touch on. Points I thought organizations introducing new/more technology might find helpful. If you’re bringing an org into the 21st century, or out of the 19th, you might find the following points helpful. So far as what to look out for or be thinking about.


With technology comes “more.” The ability to do more. Learn more. Engage more. And (most popular) collect more. Not too long ago, a name and address were all an organization needed. These days a newsletter subscription will ask for your blood type and astrological sign.

But collecting more often results in receiving more sensitive information. Information like drivers license numbers, socials, account numbers, credit card numbers and emails. These come with heightened obligations. Most states have privacy laws regulating the collection, storage, use and disclosure of personally identifying information (PII). As well as what happens if there’s a breach, whether it’s by you or a third party with access (ex. a software vendor). And this doesn’t include the dozens of standards created by industry groups.


I see “privacy” as the “what.” What to focus on keeping confidential. Then security is the “how.” How do I go about keeping that information private?

This can be simple. What devices can staff work on or what access can staff have to a work network? Or it can be as complicated as encryption and firewalls.

Like privacy, there are laws outlining the minimum security expectations for PII. For example, requiring a written security program. Or processes to put in place to ensure information goes to those who need it for the right purposes. Even the amount of awareness an organization should have of vulnerabilities and backup measures.

Intellectual Property:

Most people know a little bit about this topic, even if they don’t feel like experts. This is the topic most people blog and talk about. And involves things like what staff upload on websites, blogs, and social media. Especially with all the nonprofits receiving take-down letters from photographers and stock photo websites. Getting consents to use photos and videos of people obtained at events. Also, being cognizant when it comes to ownership rights. Posting the org’s original content in a way that protects its rights. And making sure the org owns anything developed for it.


Then there are all those other things to think about. Which depend on the type of technology. Where staff host or write their own micro-blogs there’s the risk of defamation or NLRA violations. With websites, it’s regulating use through terms of use. Making sure terms are agreed to where products or services are sold online. With social media making sure usage doesn’t violate the site’s terms. And following the law when it comes to contacting folks. Which is also a concern with things like email. If it’s a donation platform, it’s keeping fundraising laws and tax laws in mind. Think you get the jist…


There will always be underlying concerns. All of which you won’t always know. When you introduce new technology take a beat to think about what the exposures are. For example, if you’re developing a donor database what are the different parts involved? One would be the donor information. The other would be the development of the database. With each of these, what would the exposure be? With donor information hacking, wrongful use or leaks would be a few. With the database a mal-function, updates and making sure everyone has access when they need it would be a few. With a better understanding of the exposures, you have a better idea of what to do, and what experts to involve.

For those in Houston, I’ll be talking about a few more issues and solutions so be sure to stop by.


Other Posts You Might Like

Understanding and Negotiating Nonprofit Software Licenses

Free Non-Profit Resources

Have You: Developed Good Intern Policies?

Nonprofit Internal Controls: Post Numero Uno