Understanding how to balance the needs of your members and regulators with the realities of your organization is the secret to properly managing data privacy concerns.
The past few years have been pretty busy on the data privacy front.
Between high-profile data breaches, headlines about advertisers and social networks crossing the line with the amount of data they gather about consumers, and the adoption of significant regulatory acts such as the European Union’s General Data Protection Regulation, associations had to become aware of the issues at hand.
Of course, member information isn’t the only concern here. According to IBM data, breaches can be extremely expensive, costing an average of $3.86 million and taking 280 days to identify and recover from one. So this is an issue associations can’t afford to ignore.
A few articles on the topic from our archives:
Data Privacy at Virtual Events: How to Balance Sponsor and Attendee Needs. This piece from last fall reflects a complicating factor for many organizations: Sponsors want data about attendees, which might be at odds with what your members expect from your organization. The article breaks down strategies to appease everyone, including proper disclosures and transparency. “Knowing what type of data the platform can collect, what reports it can help generate, but also that the data is held in a secure and compliant environment is of paramount importance,” Shawn Cheng of the firm DAHLIA+ said in an Event Manager Blog report highlighted in the article.
Don’t Downplay Your Members’ Data Privacy Concerns. This 2020 analysis of a Pew Research Center study finds that most people feel they can’t avoid being tracked—but that they think organizations have more to gain from this data collection than they do. “Majorities of the public are not confident that corporations are good stewards of the data they collect,” the report stated.
Your Privacy Notice Checklist. A few years ago, it might have seemed like the world of associations was all GDPR, all the time. Rather than hit you with all of it, here’s a short and sweet checklist from The Trust Bridge on how to establish transparency and consent with your members.
What Associations Need to Know About the New York Data Privacy Law. This analysis of New York’s Stop Hacks and Improve Electronic Data Security Act (or the SHIELD Act), by Julia E. Judish of Pillsbury Winthrop Shaw Pittman, LLP, breaks down the compliance considerations behind a law that aims to protect the public’s data and keep people informed of potential data breaches. “Unlike the more highly publicized California Consumer Protection Act, the New York SHIELD Act contains no exceptions for nonprofit organizations,” Judish noted.