Protect Donor Data When Working with Third-Party Vendors

Giant corporations that have experienced data breaches in recent years show just how vulnerable every organization can be to attacks from outside. Protecting your nonprofit’s data is critical, no matter if you work with the elderly, children, animals, or nature. Unfortunately, when you’re working with a third-party vendor, data privacy gets even trickier, especially when their systems and storage methods might leave you at higher risk. Ultimately, it is down to you to ensure that your organization’s data is secure.



It’s the simplest but most important step you can take. Update your organization’s perimeter protections, frontline defenses, and make sure you’re keeping them up-to-date. This includes performing regular malware scans, updating your antivirus software, and staying on top of payment for your protection programs.


Train your staff

All employees and volunteers should know the basics of what it takes to identify and report malicious software, emails, and websites. Consider providing online courses and updating them with regular emails to remind them to be sharp-eyed while working.


Establish clear rules of engagement with your vendors

It’s a good idea to set up a questionnaire for each of your third-party vendors. This will help you establish areas of particular data vulnerability. You should ensure they carry their own professional liability insurance and plenty of security protection in place. Conduct frequent check-ins with your vendors to ensure they are still compliant.


When handling data, always do your best to protect it. Contact the experts at Colorado Nonprofit Insurance Agency, part of HUB International in Denver, Colorado at 303-894-0298. Make sure that your nonprofit is properly covered. We will work with you to ensure you have optimum coverage in place.