Data Governance: Ground Rules for Handling Nonprofit Data Responsibly

As part of this series on data, fundraising, and donor privacy, you don’t want to miss these 3 Ways to Protect and Secure Donor Marketing Data.

Think of data governance as the rules and guidelines that define how an organization manages and protects its data. For any nonprofit, its donor and gift data — which includes names, contact information, donation amounts, and gift history — is one of its most valuable assets. Just like a well-organized and secure filing system keeps important papers safe and easy to access, data governance does the same thing for digital data. 

Lack of adequate data governance can lead to inaccurate records, which puts so much at risk since nonprofits rely on their donor data to, among other things, build and maintain relationships with donors, plan fundraising campaigns, and report accurately to stakeholders (like the board or trustees). 

Without proper management processes, information about donors and their giving might be susceptible to: 

• Inputting errors
• Errors occurring over time
• Errors in reporting or communicating

These weaknesses could be especially critical if they occur when pruning or merging donor and household records. 

An Example 

Poor data governance guidelines could lead to donors being duplicated within the file. How might this happen? Perhaps a donor has given a gift through the mail and then later donated at an event. The two gifts may be coded to different donor IDs even though they represent the same person.  

If this kind of error happens repeatedly, the value and accuracy of a nonprofit’s donor and giving information ultimately diminishes. But detailed data governance rules around handling such cases can limit or even eliminate these kinds of duplication errors. 

What Does Strong Data Governance Look Like? 

A good data governance framework addresses processes that, if implemented consistently, maintain the health and accuracy of donor and gift data.  

Ensuring that donor and gift information is correct and up to date is of paramount importance. As an example, before appeals are mailed, donor addresses should be checked against post office records, including the National Change of Address (NCOA) database. If the address has changed, it must be updated in your CRM. If not, the information is on its way to becoming outdated. 

4 Core Policy Guidelines 

Data Security policies should be designed to prevent unauthorized access in any and all data areas covered by data governance.  This involves making sure only the right people have access to sensitive data and that security measures like encryption and passwords are in place. As an example, employees of an organization, and employees of their marketing partners, should never have the ability to email files that contain Personally Identifiable Information (PII). Data security training should be implemented across the organizations.  

Data privacy policies provide guidelines for respecting donor preferences and complying with laws around data sharing and is another fundamental concern of data governance.  Donors might not want their information shared, or they might have specific preferences for how they are contacted. 

Data accessibility policies ensure that the right people in the organization can access the information they need when they need it. This includes making sure data is organized, labeled, and stored in a way that makes it easy to use.  

Data retention policies clearly outline how long to keep data and when to safely delete it. Nonprofits need to retain some data for tax and reporting purposes, but keeping data for too long or without reason can pose risks. 

3 Core Benefits of Proper Data Governance 

1. Better Decision-Making: When donor and gift data is accurate and well-managed, nonprofits can make better, data-driven decisions about fundraising strategies, donor outreach, and program effectiveness.
2. Increased Donor Trust: Donors are more likely to continue supporting the organization if they know their data is secure, their privacy is respected, and their preferences are followed.
3. Efficient Operations: With clear guidelines and processes for data management, staff can work more efficiently, reducing the time spent fixing errors or chasing down missing information.

Data governance in nonprofits is about protecting donor data, ensuring accuracy, and respecting privacy so that the organization can build trust with its donors, operate efficiently, and comply with legal requirements. Just as a nonprofit carefully manages its finances, it must also carefully manage its data to ensure long-term success.