Tag Archives: #npdata

Nonprofit Radio for April 12, 2021: Build Lasting Supporter Relationships & Love Your Donors Using Data

My Guests:

Craig Grella & Wendy Levine: Build Lasting Supporter Relationships
Craig Grella and Wendy Levine, both from Salsa Labs, want you to build strong relationships all the time, not only when you’re fundraising. Their savvy strategies come from their own work building relationships for Salsa. This is part of our 21NTC coverage.

 

 

 

 

Shoni Field & Jen Shang: Love Your Donors Using Data
Nonprofit Radio coverage of 21NTC continues. When you are fundraising, data that tells us restoring your donors’ sense of well-being and identity will increase their giving and engagement. There’s a lot of fascinating research to unpack and apply, so join Jen Shang, the world’s only philanthropic psychologist, from the Institute for Sustainable Philanthropy, and Shoni Field from the British Columbia SPCA.

 

 

 

 

Listen to the podcast

Get Nonprofit Radio insider alerts!

 

I love our sponsors!

Turn Two Communications: PR and content for nonprofits. Your story is our mission.

 

We’re the #1 Podcast for Nonprofits, With 13,000+ Weekly Listeners

Board relations. Fundraising. Volunteer management. Prospect research. Legal compliance. Accounting. Finance. Investments. Donor relations. Public relations. Marketing. Technology. Social media.

Every nonprofit struggles with these issues. Big nonprofits hire experts. The other 95% listen to Tony Martignetti Nonprofit Radio. Trusted experts and leading thinkers join me each week to tackle the tough issues. If you have big dreams but a small budget, you have a home at Tony Martignetti Nonprofit Radio.
View Full Transcript

Transcript for 533_tony_martignetti_nonprofit_radio_20210412.mp3

Processed on: 2021-04-10T01:39:15.428Z
S3 bucket containing transcription results: transcript.results
Link to bucket: s3.console.aws.amazon.com/s3/buckets/transcript.results
Path to JSON: 2021…04…533_tony_martignetti_nonprofit_radio_20210412.mp3.731616822.json
Path to text: transcripts/2021/04/533_tony_martignetti_nonprofit_radio_20210412.txt

[00:02:18.94] spk_0:
Oh hi Hello and welcome to Tony-Martignetti non profit radio big non profit ideas for the other 95%. I’m your aptly named host of your favorite abdominal podcast. Oh, I’m glad you’re with me. I’d be forced to endure the pain of benign prostatic hyperplasia. If you leaked the idea that you missed this week’s show, build lasting supporter relationships, craig, Grella and Wendy Levin, both from salsa labs. Want you to build strong relationships all the time. Not only when your fundraising, they’re savvy strategies come from their own work building relationships for salsa. This is part of our 21 NTC coverage and love your donors using data. Non profit radio coverage of 21 NTC continues when you are fundraising data that tells us restoring your donors sense of well being and identity will increase their giving and engagement. There’s a lot of fascinating research to unpack and apply. So joined gen XIANg, the world’s only philanthropic psychologist from the Institute for sustainable philanthropy and Shoni field from the british Columbia, s p C A and tony state too planned giving accelerator were sponsored by turn to communications pr and content for nonprofits. Your story is their mission turn hyphen two dot C o. Here is build lasting supporter relationships. Welcome to tony-martignetti non profit radio coverage of 21 ntc. The 2021 nonprofit technology conference were sponsored at 21 ntc by turn to communications turn hyphen two dot c O. My guests now are Craig, Grella and Wendy. Levine. Craig is content marketer at salsa Labs and Wendy is marketing director at salsa Labs. Craig, Gorilla Wendy. Levine, Welcome to tony-martignetti non profit radio

[00:02:22.94] spk_3:
Thank you. Happy to be here.

[00:02:24.50] spk_2:
Thank you. Thanks for having us

[00:02:38.24] spk_0:
on My pleasure to have you both. Thank you for sharing your expertise with us, your expertise on beyond fundraising, building lasting relationships with your supporters. Wendy. Let’s start with you what as an overview, what could nonprofits be doing better relationship wise do you to feel?

[00:04:29.14] spk_3:
So we work with lots of nonprofits and I’ll just start by saying, you know, as a marketing team. It’s also, we’re kind of in a unique position because we are responsible for marketing. It’s also doing all the normal things that, you know, our marketing team does, but because our software helps nonprofits market their mission and engage with donors, we often work with those nonprofit clients to help them in their marketing efforts. So that was the genesis of this workshop for the intent conference because when we work with nonprofits we see so many of them doing so many amazing things on. And yet there are everyone has their, excuse me there. Their holes are their blind spots in their in their process. So our workshop dealt with um formalizing a content development process and content calendar. Um, craig does this for salsa. So he does a great job of you know, making sure that we are talking to the right people at the right time, that we have the right content in terms of blog posts and you guys and social posts and that’s a lot of work. So when a nonprofit who may not have a whole marketing team, um like we do tries to do those things, um sometimes things get missed. So our workshop was all about providing people content, calendar templates and talking to them about things that they can do to make the whole process of building new content easier. We talked about reusing old content, um repurposing content that you have developed before, how to improve message targeting and how to do all of those things in uh simple ways that can be done with smaller teams.

[00:04:45.64] spk_0:
Well. And we’re going to talk about those things here. You know, you’re not gonna just tease.

[00:04:48.79] spk_3:
Uh,

[00:05:11.44] spk_0:
listen, I’m not gonna let you just tease non propagated. Listen and say this is what we talked about, but we’re not talking about here. So we’re gonna talk about those things to, uh, so craig so you are, you are, it sounds like you are the writer, the content marketer for salsa, and we can all benefit from the wisdom of the corporate marketing team at salsa. Yes,

[00:05:28.94] spk_2:
yes, definitely. I think to kind of piggyback on, on what Wendy was saying, the impetus for this. Uh, this presentation was, I think nonprofits can learn from the more corporate marketing. I think even if you look at advocacy, I think nonprofits can learn from uh, political advocacy, which is kind of, you know, they use their email lists like a. T. M. Machines sometimes. That’s the way it feels like. Uh,

[00:05:42.71] spk_0:
and then I think you have a background in the Democratic Party in pennsylvania. Right? That’s right, yeah. Yeah.

[00:06:09.94] spk_2:
And and I think really it happens on both sides of the aisle. I think when you look at a lot of advocacy campaigns, a lot of political campaigns, I think they tend to look at their lists in that way they go to their list more often with fundraising than other messages. Or they wrap their message in a fundraising appeal. I think nonprofits can kind of get stuck in that rut as well where, uh, they’re using their list more often as appeals. So this presentation was a way for us to say, how do you develop those deeper relationships? How do you go beyond just the fundraising appeal? How do you engage all year long? How do you, uh, take that relationship to the next level or maybe change relationships wherever your supporters are with you in their relationship now, maybe there’s a way to move them to a different relationship that involves other type of work or a different relationship with your work. So that was kind of the idea behind the presentation and how we put together the different steps and tips and things like that.

[00:07:41.04] spk_0:
Now, I suspect, you know, most dogs are doing some of this, like, you know, uh, let’s, let’s assume that an organization has a newsletter, whether digital or print, you know, and they may or may not include an appeal. But, you know, I’d like to think that there are messages going out that aren’t all that aren’t all fundraising related, I mean, but you’re, you’re sounds like you and Wendy would like us to put this into a coordinated calendar, so we’re not just thinking of it at the beginning of the month. What are we gonna do this month or, you know, even the beginning of the quarter, but we haven’t laid out for like a year or something. Uh, so be more sophisticated about it. But then also it sounds like you’re encouraging a good amount of messaging that’s not fundraising related, has no appeal affiliated with it. It’s just purely informative. Is that okay? Is that are we are we wasting? You don’t feel like we’re wasting opportunities to communicate, wasting opportunities to fundraise if we, if we send something out that doesn’t have an appeal in it.

[00:09:18.34] spk_3:
No, absolutely. I think, um, and this became, I think this came more into focus when the pandemic hit as well. Um, Some organizations, I actually had an easier time fundraising, but many had a more difficult time, fundraising really depended on where they were and what their mission was. But, um, it’s, we always talk about engaging with your supporters outside of fundraising and the importance of connecting with your supporters, making sure they are, are connected with your organization in a way that makes them, um, use the term sticky. You know, they’re, they’re, they’re, they’re connected to you and, and they’re not gonna just, you know, I’m going to give you money this month. I’m gonna give somebody else money next month. I know who you are, I know who your people are. I really think that what you’re doing is great. I I understand, you know, your mission and and how you work with people. I know the names of some of your staff members, The more that you can connect with those supporters, the more they’re going to stay with you, the more they’re going to give when they can, they’re going to volunteer when they can. And that became even more important during the pandemic because some people weren’t able to give, some organizations, needed people to give more and you know, appealing to, um, people’s connection with the organization that you’ve built up over time is just so important and not just now, but even more so now I think.

[00:11:47.84] spk_2:
And I think for me it’s, it’s kind of human nature. Right? The first time you meet someone, you’re not going to ask him to marry you right there on the spot. I think there’s got to be that relationship development. Uh, there are different steps along the line, obviously that you need to take to get to know each other better. And I think the same is true for any kind of communication, whether you’re at A for profit company, a Fortune 500 company or a mom and pop type of nonprofit, uh, obviously you have a little bit of a head start because that person has found you. Maybe they joined your list or maybe they came to an event, whether it’s in person or virtual. So you have a little bit of interest there. But with so much noise out there these days, whether you’re trying to connect on social media or even through a podcast, there’s, you know, there’s a lot of noise out there and, and you have to rise above that and you rise above that by maintaining that constant relationship. And you can’t only ask for money. It can only be volunteer appeals. I can’t only be, you know me, me, me, me. I need, I need, I need you have to find a little bit of the reasons why those people connected with you and and speak to that and you have to offer a little bit of yourself too. And there are lots of ways that, that nonprofits can do that. And um, we like to it like you said at the beginning, I think this question was, uh, we do like to be organized with that. Uh, it’s a matter of sometimes nonprofits just looking at what they have, you know, oftentimes when I’ve taught courses, courses on how to create content. One of the things I hear most often is, I don’t know what to write or I don’t know what kind of content to put out there. What will resonate with people. And uh, so that holds them back and then they do nothing. And that’s obviously not a solution. So where we start with with this presentation and where we like to start in general, is to just go through the content you’ve created through the years, we tell nonprofits you’ve probably got hundreds, if not thousands, of pieces of content out there. Look at your old blog posts. Look at some of the presentations you’ve done. If you’ve gone to conferences or presented, look at your social media posts, look at documents you’ve put together. If if you have programs, you probably have program information, put some of that together and turn it into something written that you can offer people, uh, and, and start there. And then once you’ve gathered all that information, put it together in a content calendar and be really deliberate about how you’re exposing that material to your audience in order so that it makes sense. And it drives a little bit of

[00:12:06.04] spk_0:
engagement, which is, which is much easier to lay out when you see it in a calendar rather than just you just kind of thinking, well I will do this in May and then this will be in june and you know, but you can be more, you’re more deliberate about it more, I think more sophisticated about it. If you if you when you commit something to writing it makes it makes you think about it more. That’s exactly right. I have a written and

[00:12:29.94] spk_2:
not only that, but you can also add responsibility and whether you have a big team or a small team, you can put names to the tasks that people need to do. You know, tony is going to do this article by this date and get it up on social by this date and there’s a little bit of responsibility there for the work that you’re doing, which I think makes people complete those tasks uh a better way.

[00:12:49.14] spk_3:
Yeah. And frankly, I think it makes it almost easier and simpler so that, you know, it doesn’t seem like quite as big of a mountain to climb. You know, I’ve got all this content to create from this quarter or this year, um, when it’s on a piece of paper or in a spreadsheet. And it’s something that just seems more manageable frankly

[00:13:09.94] spk_0:
when anything you want to add about the content calendar before we move on to segmenting your, your

[00:13:15.67] spk_3:
supporters.

[00:13:18.04] spk_0:
Okay, Well I’m willing it’s okay. I feel like we’ve covered the content calendar enough. I’m not trying to, you know, I think so. I think it’s, it’s something

[00:13:50.34] spk_3:
that a lot of nonprofits, um, do. Um, but we also see a lot of nonprofits that don’t do a content calendar and it’s, it’s not difficult. It’s just taking that first step. So we provided people templates, but just just getting it down and finding a way to formalize the process of putting a content together. It’s not that difficult. And it makes a huge difference

[00:14:00.44] spk_0:
helps you organize too. So you can see blog post, you know, maybe some other section on the website newsletter, email, social, social, facebook, social instagram, social twitter, but etcetera. And

[00:14:51.74] spk_3:
it also helps you identify holes in your content. So, for example, um, just as an example, we have some clients who, um, whose mission is focused on raising funds for medical research for a certain condition or, or issue. And they have content that they create for patients and their families, but they also have content that they create for, um, you know, medical experts and they’ll run medical conferences for doctors. Uh, so, um, understanding that they’ve created enough content for each of those groups is also important in having it in a calendar. Um, so you’re, you know, another organization might have volunteer, uh, content aimed at volunteers and content aimed at, at supporters or donors or community members. So just seeing that now, think about what your goals are.

[00:15:12.24] spk_0:
However you’re gonna segment, right? It’s all very orderly. Now. You mentioned templates. I don’t like to tease nonprofit radio listeners without without providing the substance. So can we get this template? Is this somewhere on salsa site or somewhere else? Where? Where?

[00:16:10.04] spk_2:
Yeah, So we we put up a landing page that’s completely in gated as part of the NtC presentation. Uh, it’s salsa Labs dot com forward slash 21 N. T. C. And there’s a little bit of a workbook that goes with the presentation and then of course the presentation slides, PowerPoint and pdf, I think, uh, and the workbook falls along the different sections of the presentation. So the first section is what we just talked about, which is to uh, figure out what you have. You know, go through, take stock of your content, your library, that kind of thing. The second part talks about putting together your calendar and segmenting. And then the third part jumps into really getting organized and then engaging or further engaging, going a little bit further than what you’ve done in the past. And to kind of tag onto the last part you said about or what Wendy said about the content calendar. Oftentimes we see nonprofits look for these templates. Uh, and they’re really just hashtags, you know, if the only communication you’re doing on social media is to put up a post about ST patty’s day or easter or things like that, you need to go a little bit further

[00:16:34.84] spk_0:
in your engagement. That’s not that’s not educating folks. That’s right. On your, on your mission, your work and your values. That’s not going to make them sticky because they can get easter messages anywhere.

[00:16:37.11] spk_2:
That’s right. And they likely are

[00:16:39.75] spk_0:
and they are.

[00:16:40.39] spk_3:
And we’ll tell you though, that the most engagement we get on our social posts are when we post pictures of our dog, there is some value that All

[00:16:49.42] spk_0:
right. Well, I don’t know what that says about the salsa Labs content, you know, talking to the content team. So I’m not gonna All right. Believe that their salsa labs dot com forward slash 21 ntc for the template that craig just talked us through. Let’s go to, uh, a little on segmentation. Who wants to want to kick us off the value of and the depth you should go to. Who wants to

[00:19:35.74] spk_2:
be sure. I’ll take it when it comes to segmentation. The idea is to be able to understand which audience member wants to receive, which message at what time and by what medium there are a lot of different mediums. We can deliver messages through these days and everyone’s busy and like I said before, there’s a lot of noise. So you need to find your way through that noise and the way we believe you do it is through personalization. If you can understand who wants to receive the message when they want to receive it and where they want to receive it, you will have a higher engagement with that person. And this is kind of goes back to the idea of just shooting out a ST Patty’s day message, right? I mean you might get 50 or 60 likes, but if those people never volunteer or they never donate or they never come to an event, what’s the point? Um, you know, it may be, hey, let’s put out a nice message and that’s fine. But at some point you need to generate people to support your mission, whatever that means. So we like to segment in a couple different ways. One of course is looking at what you have in your own crm or your own list and trying to understand demographics about that person and to be able to split them into some sort of discernible category. You know, hey, we’ve got donors here, We have volunteers or we have people who just engage with us on social media. And then if you are doing a lot of sharing on social, which many groups are really trying to match your organization’s message to the right social network and you’ve got people out there who, you know, maybe they have a very intelligent audience, or maybe they have a very specific demographic in their audience and they completely lining up to the wrong network and sharing a message at the wrong time. Maybe they’re sharing it once, instead of sharing it four times over a month or two months. So that different people see that message. So uh part of the workbook that we put together is going a few different places through your analytics and really understanding what your audience looks like and taking some critical uh peaks at your audience and the demographics of your audience, looking through your Crm, and uh figuring out what’s important to your organization. And how do you label those people so that you understand the message that they want, where they’re going to be and then where you can get that message to them.

[00:19:43.64] spk_0:
Mhm. When you want to add to segmentation.

[00:21:01.04] spk_3:
Yeah, I mean there’s it’s a little bit science and a little bit art, frankly, I think. So, there’s a balance between having too many segments and too many groups and having too few segments or groups. So um if you’ve got groups of supporters, there are so many groups of supporters that you’re sending very similar messages to some of the groups that you probably have too many. Um it may be difficult to handle all the messaging. Uh if you have too few groups, the messages aren’t targeted enough aren’t interesting enough to each of those groups. So as you know, Craig was talking about measuring engagement on social media and and looking at analytics for your emails and things like that. And that’s very important. And that’s all the science part. And then there’s a little bit of art uh in terms of, you know, where the messaging can be split, where the different messages make the most difference on how you engage with these folks, what words you use, what you test. Um, so, you know, I think it’s, I think it’s a little bit of both. And it just takes, you know, not nonprofits know their supporters, Right? So it’s really just a matter of sitting down and looking at, um, where they’re engaging, what they’re saying on social media and you know, what they’re reacting to when, when you send them emails or messages.

[00:21:47.24] spk_0:
Well, let’s probe that a little further windy in terms of knowing knowing your people suppose, you know, you know, something, you know, some people prefer email over phone calls or written mail over email, etcetera. But, and you can gauge some depth of interest by giving history, right. If if Humane society gets donations, when cat appeals from certain people and dog appeals are making this very simple. But you know, so then you know who your dog people and cat people are, but I suppose you wanna go a little further. Like uh, you know, who wants to engage on instagram or which of our programs appeal to you, You know? Uh, So I’m envisioning a survey is one possibility. What else? How else we still have a few minutes left.

[00:21:50.50] spk_3:
Okay. So that’s

[00:21:51.29] spk_0:
what you glean. How does, how does segment?

[00:22:08.74] spk_3:
That’s a really good question. It’s actually something we addressed in the presentation uh, in 10. Um, you’re right. A survey is one way and we made some recommendations. You no longer surveys where you, where you ask more than say three or four questions. Um, are something you shouldn’t do a lot of. And when you do, you should probably combine it with some sort of incentive and it doesn’t have to be, you know, you don’t pay people to take the survey, but you know, hey we’ll send you a button or bumper sticker. You know, if you fill out a survey or this is why it’s really important, you know, um at least, you know, appealing to their uh

[00:22:34.47] spk_0:
their interest in your

[00:24:16.64] spk_3:
cause. Um But we also like the kind of one question asks in emails is another way to do it. So if you’re sending emails to people, you can ask a question in the email depending on the tool that you’re using, you can put a link or button in the email and say, hey um do you have a cat or a dog or both? You know at home? Are you, are you a cat parent? Dog parent? Um have them click on that button and then now they’re in a group and the next time you send an email out, they either get a cat picture or dog picture at the top of the email. Um, and it makes a huge difference in engagement. Um, We talk a little bit also about, um, polls on social media. So that’s not going to give you on the, that’s not going to put a particular person in a group, but it can give you information on what people are interested in. So if you’re going to focus on, um, uh, one, you know, if you’re putting together advocacy petition and uh, you know, you need to understand where people are focused on what they’re most interested in. That can help also. Um, but putting a process in place so that your staff understands what kind of data you’re collecting so that when they bring up a donor record because they’re talking to the donor or they’re about to meet the donor at an event, hopefully we’re all doing that soon. Um they can look and say, oh hey, you know, we’re missing this one piece of information or these two pieces of information. So I’m gonna make a note and I’m going to ask them that when I meet with them and I’m going to put it in there and everyone needs to know to collect that information. Um and it, it just makes it easier and, and there’s a whole process we won’t go into now, but there’s a whole process of right figuring out what information is important on and which ones, which pieces of information should affect the message that you’re sending.

[00:24:32.24] spk_2:
A couple years ago, I think last week feels like a couple of years ago, Sometimes for a couple years ago you tony you did a podcast on integrating Crm with your email marketing and other digital.

[00:24:36.70] spk_0:
That was another, that was another NTC, uh 2017 18, something like that.

[00:24:42.40] spk_2:
Yeah, I think it was a while ago, but you know, it’s funny

[00:24:45.29] spk_0:
that nonprofit radio listener thank you for saying that

[00:26:25.94] spk_2:
it’s a great episode and I think it’s important here because obviously salsa is a product that tries to put together all these different marketing mediums and they work well with each other and, and there are other um products out on the market, but we also find that a lot of nonprofits have these disparate solutions and it makes things harder. It makes collecting data harder, it makes engaging harder. And when you have that uh system that pulls it all together, it makes this process easier because when you send an email and someone clicks on it, you get that information in your crm. So these one question surveys that Wendy is talking about. You can do a survey with a cat picture and someone clicks on it. You capture that data. Uh you don’t necessarily have to go to a full blown male pole or social media poll. You can do these things when you’re systems are integrated and pull that information between those systems. And then when you’ve got the information in your crm, you can then pull that information automatically into your email without having to upload or download or move data around. So It works on two ways. One it helps you understand and track the data but it also helps you personalize the emails that you do send. I think if if nothing else uh non profit should know. Just act just just do it. If you’re not sure where to start, just you know, get a message out there and just do it and then measure and track and along the lines of what Wendy said. If you are missing some information, just ask, just ask for it, create a message and send a note and remember when you do get that data to plug it back into your system so that you can use it uh in in many ways in the future. So that’s the important part

[00:26:32.44] spk_0:
two. We’re going to leave it there. Alright, alright, very much Greg gorilla, my pleasure Kraig gorilla content marketer salsa Labs, Wendy. Levin, marketing Director at salsa Labs. Thanks to each of you. Thanks very

[00:26:44.64] spk_2:
much. Thank

[00:30:41.24] spk_0:
you. My pleasure to have you and thank you for being with non profit radio coverage of 21 ntc the 2021 nonprofit technology conference where we are sponsored by 20 we are sponsored by turn to communications turn hyphen two dot c o. It’s time for a break. Turned to communications relationships. We just talked about lasting relationships. The importance of building them. Turn to has them, they’ve got the relationships with journalists. So when there’s something fundraising related or philanthropic related or even more broadly, non profit related, those journalists are going to be picking up the phone when turn to calls them with you your name as a potential source, source of quotes, source of background, source of help. They pick up the phone because they’ve got a relationship with turn to, it’s the relationships that get leveraged for your benefit. Their turn to communications turn hyphen two dot c o. It’s time for Tony’s take two. I started the second class of planned giving accelerator this week through the accelerator. I’m helping nonprofits launch kickoff, inaugurate their planned giving programs. I’m teaching members who join with me for a year, teaching them step by step how to start and grow their plan giving programs. The classes are fun. I look forward to them every week that we get together because there’s, there’s live trainings and then there’s Ask Me Anythings and I also do a podcast for them. Yes, there’s a, there’s a, there is a podcast that you can’t hear. You got to be a member of plan Giving accelerator to hear the plan Giving accelerator podcast. You see the symmetry there. So yes, I do a podcast for them too. But these trainings and of course, so we’re getting together for the training and they ask me anythings. I look forward to them. And rumors are that the members look forward to it too. I’ve heard rumors to that effect. So it’s, it’s all, it’s really very, it’s very gratifying, rewarding. Um, it’s fun and folks are starting their plan giving programs and in the first class that started in january, they’re already getting gifts. There’s already a couple of nonprofits that each have a couple of gift commitments already, just three months into the 12-month program. So that makes it enormously gratifying. I’m getting um, my synesthesia is kicking in. I’m getting goose bumps thinking about these groups that, that already have commitments only three months into the thing. So that’s playing giving accelerator. If you think you might be interested in joining the next class, it starts July one and all the info is that planned giving accelerator dot com. Check it out for Pete’s sake. That is Tony’s take two. We’ve got boo koo but loads more time for nonprofit radio here is love your donors using data. Welcome to tony-martignetti non profit radio coverage of 21 ntc, you know what that is? It’s the 2021 nonprofit technology conference were sponsored at 21 ntc by turn to communications turn hyphen two dot C o. With me now are Shoni field and jen Shang Shoni is chief development officer at the british Columbia Society for the prevention of cruelty to animals. S P C A. And jen chang is a professor and philanthropic psychologist at the Institute for sustainable philanthropy. Shoni. Welcome to the show, jen, Welcome back.

[00:30:47.44] spk_4:
Thanks for having us.

[00:30:48.55] spk_3:
Thank you.

[00:31:06.24] spk_0:
It’s a pleasure uh, in talking before we started recording, uh, came to my attention that jen chang now has a british accent, which she did not have when she was on nonprofit radio many years ago when she was at indiana University. So we’ll get to enjoy that. And you’ve been how many years in the U. K. Now jen

[00:31:11.04] spk_1:
Eight years.

[00:31:13.14] spk_0:
Eight years with Adrian Sergeant. I assume he’s still at the institute.

[00:31:16.44] spk_1:
Oh yeah still living in the house to

[00:31:19.69] spk_3:
lose your

[00:31:20.19] spk_0:
house. Oh

[00:31:21.57] spk_1:
you don’t know we’re married sorry.

[00:31:23.17] spk_0:
Oh you’re more than uh philanthropic partners. Oh really? Okay. Were you married? When were you married to Adrian when you were on the show last? Uh huh.

[00:31:32.74] spk_1:
No

[00:31:34.14] spk_0:
your philanthropic psychology brought you together

[00:31:38.64] spk_1:
Absolutely really amazing

[00:31:40.94] spk_0:
mm fundraising fundraising brought you together. That’s wild. Well it’s a it’s a relationship business. So I look at you

[00:31:46.23] spk_1:
you’ve

[00:32:19.74] spk_0:
taken you’ve taken your own science to to heart and to deeper depth than than most people do. Well we’ll give give Adrian my regards, tell him. Absolutely tell him I say hello and hello from nonprofit radio he’s been a guest also. Well look at that interesting. And for those now we’re shooting with video jen has the uh suitable professorial background. There’s papers and thick books everywhere. It’s, it’s really, really quite bad. Oh yeah, there’s, there’s ghost faces up on top um and a crucifix also. So the place is blessed. You

[00:32:25.14] spk_4:
can make up anything about what we’ve got in the background. tony

[00:32:42.44] spk_0:
best mess. Yes, we’ll show me yours is uh yours is, I don’t want to say austere. It’s just uh its proper, you know, you’ve got a couple of framed items and you got a nice uh um um what we call those windows, uh,

[00:32:45.33] spk_4:
skylight,

[00:32:46.08] spk_0:
Skylight of course. Thank you at 59

[00:32:48.14] spk_4:
terrible for when there’s video because it makes the light really horrible. But radio it’s just fine. Yeah,

[00:33:20.84] spk_0:
I know yours is, yours is a like a sort of a gallery background. That’s what I would say. And shen’s is definitely Shen’s jen’s is definitely a professorial background. Okay. We’re talking about loving your donors. Your NTc topic is love your donors using data. So let’s start with Professor shang our philanthropic psychologist. One of, are you the only philanthropic psychologist in the world or just the first?

[00:33:25.74] spk_1:
I haven’t heard anybody else calling themselves philanthropic psychologists.

[00:33:38.14] spk_0:
Okay. So you’re both the first and, uh, and the only, first and only philanthropic psychologist. Okay. I love that you’re married to Adrian Sergeant. Well, that’s, you really took fundraising to new Heights.

[00:33:39.95] spk_4:
Small world fundraising. We all know each other.

[00:33:51.24] spk_0:
Rights, new depths. Yes, But they know each other quite well. Um, All right. So jenn, um, what, what can we learn from here? What, what, what, what, what are we not doing well enough with data that you want non profits to do better.

[00:34:45.14] spk_1:
Um, the first thing that we do that we don’t think nonprofits have spent a lot of time understanding is how people describe their own identities. And when I say when people describe their own identities, I don’t mean just how people describe themselves when they give as a supporter or as a donor, but how people describe themselves as a person outside of giving. Because research after research after research after research, what we found is that the descriptors that people use to describe themselves as a person are not always the same as the descriptors that they used to describe themselves when they think about themselves as a supporter. So not understanding who is the person behind the giving, I personally think is a huge missing opportunity for nonprofits to develop deeper relationship with their supporters.

[00:35:08.24] spk_0:
And what are some of these, uh, mm dis associations or in congruence sees between the way people identify themselves generally and the way they identify themselves as as donors.

[00:36:23.43] spk_1:
So one of the most consistent findings that we saw pretty much in all the data sets we have is that when people describe themselves as a person, they like to describe the morality of themselves. And usually there are nine highest frequency words that people use to describe their own morality and they are kind and caring and compassionate, generous, fair and so forth. And for most charities, you would see quite a large collection of these moral words in people’s self descriptors. But usually you see a smaller collection of these moral words appearing when people describe themselves as a supporter. So what that says to me is that when nonprofits communicate with supporters are about giving, they haven’t connected the giving to their sense of being a kind and caring and compassionate person as well as they could be. Usually you see the word generous, show up and you see the word helpful, show us show up in the descriptor of the supporters, but not the rest of the moral words.

[00:36:44.03] spk_0:
And there’s evidence that using more of the moral descriptors that the individuals would use will increase their giving.

[00:36:57.03] spk_1:
Not only it increased their giving, it also increases their psychological well being, and that is the real missing opportunity here. So when people give out of their kindness and out of their compassion, they feel better. Even when they give the same amount of money.

[00:37:39.73] spk_0:
You studied this really. You can you can gauge and Shawnee we’re gonna come to you. Of course. I I know there’s a practical application at british Columbia. I understand. I just want to flush out, want to flush out the like the limits of the, of the science and then we’ll get to the practical application. Absolutely. Um, All right. So so we can make people feel better about themselves through our non through nonprofit communications, through our communications to them. And they will then, uh, as as a result of feeling better or is it because they feel better than they will give more to our cause or we we just know those two things are correlated, but not necessarily cause and effect.

[00:37:52.63] spk_1:
We first communicate with supporters about there being a kind person and then we see giving increase and then we measure their psychological well being and we see their psychological well being increases.

[00:38:22.72] spk_0:
Okay, So we know that the giving has come first and then then from those for whom the giving has increased. Your then you’re studying their psychological well being. Yes, wow. Through our, through our communications, through our uh, is this what method of communication do we use phone letter?

[00:38:39.42] spk_1:
We have we have a few experiments in emails. We have survey evidence from donors. And we have laboratory experiments from the general population. Okay

[00:38:47.72] spk_0:
let’s turn to show me for the for the application of this uh at the british Columbia. S. P. C. A. What did you do their show me what how did you take this research and use it?

[00:41:16.41] spk_4:
So the and it feels like I’m jumping into the story halfway because I didn’t know how we got there but how we used it was um we worked with jen and her team to do um surveys and research into our donor base because you know, not every donor base is going to have the same characteristics. And so what do animal lovers in british Columbia? Um what are their characteristics of how they identify themselves as a moral person or in that sort of aspirational sense of self? Of where they’d like to? Well, I’d like to get to and supporting the S. P. C. A. As a way of getting there for them. So we we looked at our donors and came back with Jensen, looked at our donors and came and through surveys and research and came back with some some levers that resonated stronger than others with our donors. And so then we could go out and test those with, you know, our controls and then testing these levers and see where we see if we did. In fact, um originally c boosting giving over the long term, then we’ll be able to measure retention because I think with psychological well being would become an increased likelihood of wanting to stick with that relationship that makes you feel great. And so we’re able to measure um with within that field research what then when we put it into into play, what did get higher responses. And then we’ve gone back with jen and her team to study our three tests further and identify how we can build on that. Some of those tests worked better than the others. And so we that gave us some further insight into what we needed to to dig in on. And I think our our first error had probably been, we had all this learning and we wanted to use it all all at once, all in all the same time. Uh, the second sort of round of analysis really helped us be more focused and, and jen refers to allowing donors to breathe into the moment and just really be in that. And so it allow it, it allowed us to identify, yes, there’s a ton of good things we can do, but here we’re going to do three of them and we’re going to do them really well and really focused.

[00:41:18.91] spk_0:
What were some of the descriptors that you found were the levers for your, for your folks?

[00:42:43.90] spk_4:
Well, I mean, there’s so there’s the sort of descriptors of self that jen talked about in the, you know, the generous and loving and kind. Um, and then there’s one of those in particular, uh, dig into more, But there’s also these sort of, um, oh, you know, we call like victorious hope, this sense that there can be, um, that there will be success, that people have had past success in helping rescue animals and they will have future success. And, you know, this comes out of their love for animals. And so we use this victorious hope theme. Um, we we see, uh, personal sacrifice come through and we’re familiar with that from, um, you know, male direct mail that said, you know, just for the price of a cup of coffee a day, you could, you know, you could do this or you could do that, that sense of someone giving something up to get this, this outcome that they want. So we, we’ve used those a lot and we also saw the word loyal come up a lot more, um, than we had, than we had recognized was important. And it makes sense because people’s relationships with their animals are a lot about loyalty. Um, so it makes sense that they’d also value it as in a personal trait, but we’ve, uh, we had already been doing a lot of work around generous and loving and kind and we also increased that, that sense of loyalty.

[00:43:14.90] spk_0:
And now I don’t want any frustrated guests on nonprofit radio So you said, I asked you a question that came in the middle and you you uh, you thoughtfully answered answered the question, so thank you, thank you for that. But but I’ll give you the opportunity to go back if you want to take a minute and explain how you got into the jeans jeans research.

[00:43:19.10] spk_4:
I mean, this is like goes back to weigh like my beginnings as a fundraiser

[00:43:23.10] spk_0:
where a fundraiser

[00:44:01.69] spk_4:
where I got really frustrated with people’s perception of fundraisers as sort of snake oil salesman, you know, in the nonprofit world, there was the program, people who were doing the virtuous work and then there was the fundraiser, people that were, so it was sort of a little like unclean that you were trying to make people. And to me it always felt more like I was helping someone do the work that they couldn’t do themselves because their career had taken them in a different path. Like they wanted to save the environment, they wanted to help someone with the disease. They want they loved animals and wanted to help animals, but they trained as an accountant or they trained as you know, they have run their own business and so

[00:44:17.29] spk_0:
it’s very it’s empathic and magnanimous in the same that they wish they could be doing this good work. But they chose a different path. You have your like your empathetic to them.

[00:44:50.09] spk_4:
So this when I saw gems research of this sort of aspirational sense of self, this really struck a chord with me of like this is the work people wish they could be doing and we all know how we feel when we get to do something that’s really close and really important to us. It feels really great. So that just clicked with me. The sense of if we can help people do the work that they really want to do, but they haven’t been doing because something else does their pay brings their paycheck in and paying the bills is also important. Then we’re all going to be much stronger for it.

[00:44:59.69] spk_0:
And just quickly, how did you find jen’s research?

[00:45:03.89] spk_4:
I mean, this is, you know, I, I followed it around at conferences for quite a while before reaching out and saying, hey, I love this stuff. How can I, how can I do more?

[00:46:09.08] spk_0:
There’s value in conferences. Like, like ntc, there’s value in completely. Yeah, this reminds me of the work that you and I talked about when you were back in indiana before you were married to Adrian Sergeant. And we were talking about a phone research that you had done with public radio. I think it was in bloomington indiana. And you would describe women. I think it was Well, maybe you saw more of an effect that was it. You describe you saw more of an effect with women when the caller from the public radio station would use words to say. You’ve always descriptive words. You’ve always been so loyal to us. Or you’ve you’ve been such a generous supporter of us. Would you would you make a gift again? And you you saw greater giving when the right descriptors were used for those bloomington indiana Public Radio, uh, supporters. So this seems like a continuation. Uh, you know, where your again, it’s the way you describe the donors.

[00:46:16.18] spk_1:
Yes. And it’s not just the way that we describe the donors is the way that donors describe

[00:46:29.48] spk_0:
themselves themselves. Right. And then this increases their feeling of well being, more about that. How did you, how do you measure their sense of well being?

[00:46:32.08] spk_3:
So we, um,

[00:48:00.47] spk_1:
when we started measuring psychological well being, we explored a range of different scales. Um, at the moment, the the several scales that we use most often with nonprofits who haven’t started our kind of communication with supporters, our competence, autonomy and connectedness. Those are the three fundamental human needs that psychologists have studied now for decades. They in in the giving situation, they refer to, um, competence, my ability to make a difference for others autonomy. I have a voice of my own. I’m not giving out of any social pressure and connectedness. I give to make me feel connected with the things the animals, the nature and the people that I want to connect with. Those three needs. If we lack any one of them, we wouldn’t be able to experience well being. So it’s most ideal if any given giving act can simultaneously help people fulfill all three psychological well being. And those are the ones that we have now used most frequently in giving at the range. Um Lower than $500 a year.

[00:48:16.97] spk_0:
Shoni mentioned the next step being written, measuring retention. Have have you seen in your research whether there there is greater retention among the donors who whose well being we’ve we’ve enhanced.

[00:48:41.27] spk_1:
Um, so what we have seen is that um, yeah, the factors that drives giving are not always the factors that drive psychological well being, but if you can communicate with people on only the factors that drives both than that giving is more sustainable.

[00:48:51.47] spk_0:
Okay. Wait, all right. Say that one more time. You’ve been studying this for decades and I’m hearing it for only the second time in like eight years. So okay,

[00:49:35.27] spk_1:
so say, um you have five most important factors that drives giving and you have eight most important factors that drives people psychological well being. You’re five and you’re eight are not always the same, but sometimes they are three that are common between these two sets. If you only use those three to communicate with your supporters and increase giving an increase well being, then you can expect to see repeated increase in giving over time because the same three factors both increased giving and increase people’s psychological well being.

[00:50:29.66] spk_0:
Okay. I see it’s the intersection of the two little circles in the Venn diagram. Okay, You gotta explain this to a layperson, Right? All right. Thank you. Um So, were you So it’s fascinating, fascinating. Um Plus, you’re married to Adrian. I just can’t get over this how this this career has brought you together. I’m just I’m taken by all this. Um, Were you wondering about this back when you did the public radio research? Were you wondering how the description by the by the callers from the public radio station made the donors feel you knew you knew at that point? No, you weren’t thinking She’s shaking her head. You knew at that point that that describing them in certain ways could increase giving. Were you curious then, about how it made them feel? Um,

[00:50:44.26] spk_1:
I think when I first got into fundraising, it was very important to me to find some psychological motivations that can help nonprofits to raise more money. But once I realized that actually, that is not very hard, you can pretty much

[00:50:50.98] spk_0:
like, look, we’re not doing a great job in a lot of ways. Yeah,

[00:50:55.11] spk_1:
I mean, raise money by about 10 really is not hard when, you know, a little bit of psychology,

[00:51:00.15] spk_0:
you’re being more gracious, alright. A

[00:51:48.46] spk_1:
few supporters. Um But to make the giving experience meaningful for people to make the giving experience a part of people’s lives that they treasure. And to make that giving experience and experience that can allow people to experience the kind of life that they would not otherwise have. Those are the things that are hard because those are the things that do not have the the focus that they need and those are the things that I pretty much spent the last 10 years after I graduated from Indiana doing. Because those are the things that gives me meaning in doing what I do.

[00:51:59.06] spk_0:
Sure, let’s go back to you. Uh How much increased giving are you seeing you? I’m sure you’ve quantified this. What differences are you? Are you experiencing?

[00:53:05.55] spk_4:
Well, I mean, we’ve we’ve now tested it in a number of different areas. We, you know, we test it in, uh, we we use it in thank you scripts to our donors. So we don’t, you know, that’s a long term test of if we’re using this, this language consistently and everything, we we play around with the different levers on web forms, um, where we see, you know, we can extrapolate over the year if like, okay, if we use this, you know, we have a form and the form on the donor form, what difference are we going to see? Um, so it’s, you know, it’s hard once it becomes infused in everything you do, you no longer have a test in a control. You have, you have just the way you’re doing it now because you roll it out in all these different ways. I will say. I mean within that first batch of three, we paid for our research. So, you know, we got we we made an investment. We we we learned a ton. We paid for it right away. And then everything after that is, um, is bonus or, you know, is the real game. But it’s, it would be hard to measure at this point because we’re not, we haven’t infused in and everything, but we no longer have, uh, you know, we’re getting there, but we no longer have a sort of test and control where we can say this is the difference

[00:53:24.85] spk_0:
jen where can folks find your research? Is it is it somewhere that we can easily uh,

[00:53:32.90] spk_1:
most of our research is at the Institute for Sustainable philanthropy’s web site. There are freely downloadable.

[00:53:44.55] spk_0:
Okay. At the Institute for Sustainable philanthropy, um, what do you think? Should we leave it there where we explain this adequately that we picked people’s interest? I

[00:54:50.84] spk_4:
don’t I have if you have time, I have one more thing that I really think this work is sort of um a really important bridge between the sort of donor centric, the donor is always right. We’re stroking the ego of the donor and the community centric fundraising models because jen said, you know, this is I give to connect people, give to connect to to other people to the animals. And that I think in that sense of connection and love comes a more sustainable way forward because we don’t have to have this um artificial barrier between the donor and the beneficiary. And we don’t have to talk about, well if we privilege the donor, then it’s at the expense of the beneficiary or vice versa. We can talk about it’s about making connections as humans and and and together working for change and I I see it as a really healthy way forward in that conversation.

[00:55:20.04] spk_0:
That’s a great place to stop. We’re international for this segment from british Columbia and the UK from B C. Is Shoni Field chief development officer at the S P. C. A. Society for prevention of cruelty to animals, the british Columbia and from the UK, jen, chang professor and philanthropic psychologist at the Institute for sustainable philanthropy where you will find all this valuable, valuable research Shoni jen, Thank you very much.

[00:55:24.64] spk_4:
Thanks tony

[00:56:05.34] spk_0:
What a pleasure. Thank you Next week. Susan comfort returns with team wellness as 21 NTC coverage continues. If you missed any part of this week’s show, I beseech you find it at tony-martignetti dot com. We’re sponsored by turn to communications, pr and content for nonprofits. Your story is their mission. They’ve got the relationships for pete’s sake. Turn hyphen two dot c o r. Creative producer is Claire Meyerhoff shows social media is by Susan Chavez. Mark Silverman is our web guy and this music is by scott Stein. Mhm. Thank you for that. Affirmation scotty

[00:56:07.05] spk_5:
Be with me next

[00:56:25.74] spk_0:
Week for nonprofit radio big non profit ideas for the other 95 go out and be great. Uh huh.

Nonprofit Radio for May 8, 2020: Data Privacy Practices

I love our sponsors!

WegnerCPAs. Guiding you. Beyond the numbers.

Cougar Mountain Software: Denali Fund is their complete accounting solution, made for nonprofits. Claim your free 60-day trial.

Turn Two Communications: PR and content for nonprofits. Your story is our mission.

Get Nonprofit Radio insider alerts!

Listen Live or Archive:

My Guest:

Jon Dartley: Data Privacy Practices

Let’s have a romp through the fields of data privacy and cybersecurity, musing as we frolic on just how important the right practices and policies are to your nonprofit. My guest is Jon Dartley, Of Counsel at Perlman+Perlman law firm.

 

 

 

Top Trends. Sound Advice. Lively Conversation.

Board relations. Fundraising. Volunteer management. Prospect research. Legal compliance. Accounting. Finance. Investments. Donor relations. Public relations. Marketing. Technology. Social media.

Every nonprofit struggles with these issues. Big nonprofits hire experts. The other 95% listen to Tony Martignetti Nonprofit Radio. Trusted experts and leading thinkers join me each week to tackle the tough issues. If you have big dreams but a small budget, you have a home at Tony Martignetti Nonprofit Radio.

Get Nonprofit Radio insider alerts!

Sponsored by:

Cougar Mountain Software logo
View Full Transcript
Transcript for 488_tony_martignetti_nonprofit_radio_20200508.mp3

Processed on: 2020-05-09T00:45:18.281Z
S3 bucket containing transcription results: transcript.results
Link to bucket: s3.console.aws.amazon.com/s3/buckets/transcript.results
Path to JSON: 2020…05…488_tony_martignetti_nonprofit_radio_20200508.mp3.92969305.json
Path to text: transcripts/2020/05/488_tony_martignetti_nonprofit_radio_20200508.txt

[00:00:12.00] spk_0:
Hello and welcome to tony-martignetti non profit radio

[00:02:19.07] spk_2:
big non profit ideas for the other 95% on your aptly named host. This is our second non studio show produced using a dizzy audacity and zoom Oh, I’m glad you’re with me ID break out in Wall Dyer’s ring If I had to say the words you missed today’s show data privacy practices Let’s have a romp through the fields of data privacy and cybersecurity, musing as we frolic on just how important the right practices and policies are to your non profit. My guest is John Darkly of counsel at prominent Pullman law firm tony. Take two. Take another breath were sponsored by wegner-C.P.As. Guiding you beyond the numbers wegner-C.P.As dot com by Cougar Mountain Software Denali Fund. Is there complete accounting solution made for non profits? Tony-dot-M.A.-slash-Pursuant Mountain for a free 60 day trial? And by turning to communications, PR and content for non profits, your story is their mission. Turn hyphen two dot ceo. It’s a pleasure to welcome John Darkly to the show he founded and operated involve the Web application, development and design firm that pioneered online peer to peer fundraising list building and advocacy campaigns for non profits involved was acquired by Can. Terra. John probably made a lot of money there when Cantero was acquired by Blackboard John probably make money again, but he was also named senior deputy general counsel and information governance chair. Besides all that, he has more than 15 years experience representing nonprofit organizations. He’s of counsel at Perlman and Perlman law firm in New York City. The firm’s at Perlman and perlman dot com. And at tax exempt lawyer John Darley. Welcome the non profit radio.

[00:02:21.64] spk_5:
Glad to be here. Thanks for having me.

[00:02:23.19] spk_2:
Good to have you. That was, uh, that sounds like it was quite a run with involved in terra and black bod.

[00:02:29.54] spk_5:
It was definitely an interesting path. I like this day. It gave me a lot of kind of real world experience. Great to work on. Both sides. Both work on the software side now, back on representing clients. Yeah. Yes, it was interesting.

[00:02:43.11] spk_2:
How many years was that from? Like from the time from founding involved to being appointed senior deputy general counsel at Blackboard,

[00:02:52.74] spk_5:
right? About seven or eight years. And when I start with the ball off again, we working with some very large, not pop. It’s doing Web applications. This was like the first kind of friends asking, friends type approach on. Then we just kind of built out organically, like working with a non topic clients and eventually bought and bought again, as everyone knows a lot. Elation.

[00:03:26.39] spk_2:
Yeah, good, Wonderful. It’s a good trip. So it isn’t practicing law now. Boring. Without all that, you don’t have a let’s start up excitement and challenge and all those obstacles and frustrations.

[00:03:27.92] spk_5:
The grass is always greener. So, you know, when I was at that sign, it seemed like just being a lawyer would be very comforting. Now you’re like sometimes you miss the excitement. But I hope my clients and we have some smaller clients that are building, you know, interesting brands that you’re saying. All of this s o. I feel like I’m so not sure. I’m just advising my clients

[00:03:46.69] spk_2:
without without All the agita is the once removed once room from, uh, from rounds of rams of financing, et cetera,

[00:03:56.25] spk_5:
where you are like wearing having to pay painful, easy,

[00:04:32.40] spk_2:
right, Get back and I make right. Can I make the Yeah? Can I make salaries this week. Right? Right. So, um all right. Data data, privacy, cyber security. I think people probably understand, in our current environment, I’m not having to do with Corona virus, but just living in 2020. I think a lot of people are conscious of at least cybersecurity issues. Maybe not so much data data, privacy. But But let’s make sure, you know, give us some, uh, motivation for why data, privacy and cybersecurity should be paint paid attention to

[00:05:16.39] spk_5:
Yeah, I’m often accused of scaring people, and I think that’s a good thing, you know, frankly, I work with four profit stonework with non puppets now primarily. And from, you know, I was a non profit yourself 5 to 6 years behind the for profit world and taking privacy of cyber security. Seriously. Just, you know, in the for profit world is now a C suite. You know, job is open, it’s cheap. Obviously, Officer, there’s teams of people working on things, not hop it, and they are starting to learn the importance of taking the practices and putting these policies in place. But a lot of times is an infrastructure is do. The manpower is too but just to kind of take a context every year, the amount of breaches grow. Last year, $2 in 19 the amount of damages increase by about 17%. And just in the context of what that costs, the average reach across an organization almost $4 million now, given there are some very large reaches, so that kind of skews the results. But in terms of a per record, So think about donors. How many donors you have, Basically an average of $150 for every record loss is what you’re gonna pay in regulatory fees and other finds. Another kind of charges. So that’s, you know, a real real thing.

[00:05:44.28] spk_2:
Now, what about the comparison between, you know, corporate and non profit breaches mean? Well, I’m thinking off the top of my head of, ah, Marriott. Uh, you know, I don’t 100 million records or whatever. West maybe was only 10 million. I don’t remember, but many millions of records um, there have been other big corporate breaches, but have there been breaches? Maybe they’re just not as, uh as publicized on the non profit side.

[00:06:21.42] spk_5:
You’re actually exactly right. Uh, small and mid sized nonprofits are actually being increasingly target if they don’t have to sophisticated protocols in place to kind of to protect against some of these of these hacks. We don’t hear about the malls and not the big build. Another Facebooks of the world on an ID only they’ve been. Actually, some studies done is not evident. It totally they’ve been some studies done that, not pump it actually hurt more than four profits for data breach. I’ll give you an example. You know, Facebook gets breached. How many people actually got off Facebook and stop using it, right? Not pop it in a way, are more fungible. Some donors with donate more to more than one organization, studies have shown. If there’s a data breach at a non profit, donors are less likely to come back next year. Donate. I’ll just choose another organization. So in some ways, the bar and the risks are even higher for nonprofits,

[00:07:03.52] spk_2:
right? All right, right. I’m I’m more committed. I’m pretty committed to my Marriott Marriott Bon voy points. No, I don’t. I’m gonna keep using the brand because I’ve got a couple 100,000 points with them.

[00:07:29.30] spk_5:
Exactly. The reputational harm I have to say, tony, ITT’s organizations don’t think about that. But these days, I think we all were all more sensitive to write. Our data’s being treated. Yeah, they’re a lot more regulations out there which out there they will talk about. But the reputational harm can last for years, especially when organization is seen as either not doing the right things, not taking kind of, you know, appropriate precautions that could really be devastating.

[00:07:40.49] spk_2:
All right, since you mentioned regulations, um, uh, you know, we heard a lot about GDP. Are when? When that was knew. What was that, like, two years ago or so that

[00:07:50.44] spk_5:
that May of 2018 will into effect.

[00:07:53.86] spk_2:
Okay, pretty good. Usually I’m bad about the estimating time. All right, so it was two years ago this month. All right, um, so GDP are But you can acquaint us with that. What? I mean for a U. S. Charity? What? What do we need to be conscious of their

[00:08:44.74] spk_5:
Yeah, it’s funny when you came. In fact, it seemed like a few months, like just everyone was talking about it. Remember, a Woody Allen movie would talked about. He said soon will be, the Renaissance will be painting. Thing is like, I think soon it was like That’s all we’re talking about a CPR. It’s like literally a few months s. The only emails I got from clients was like, What is this thing with GDP on what I need to do now? It’s two years later, we’re still talking about it, But there are other regulations ever come into a factory plucked out as well. A general data protection regulation does affect not Klopp, which came into effect in 2018 and has very specific department. So does it affect your not profit? Some of listening? If you have a website, it probably does right. Judy PR affects anybody collecting any information from someone residing in the European Union between the UK, including Switzerland. So B e a, uh, and you know, if your only collecting a few names from from those countries I wouldn’t be is concerned. But if you collect a little bit more than that, then it probably makes sense to comply with GDP. Are

[00:09:39.37] spk_1:
it’s time for a break? Wegner-C.P.As. They have a bunch of covert 19. Resource is on their site. Tax questions related to Cove in 19. We received RP PP funding. Now what? Developing your 13 week cash flow forecast. Internal controls. Covitz style. What about cash? How are you controlling cash in a virtual environment? This is all at wegner-C.P.As dot com. Click resource is

[00:09:45.17] spk_2:
Okay. So, John, it’s only it’s only if you’re collecting data. Not not if you citizens or Swiss citizens are visiting your website merely visiting your website.

[00:09:55.14] spk_5:
But really, it is because what he has done has lowered the bar. What personal information is right? We all care. We were going to use the term sometimes P I I personally identifiable information. And so Jeannie pr is concerned about is if you collect P II. According to Judi pr and I key address. Right. We’ll have computers. We access a website. We have an I P. Address a stash. Consider P I So, technically, anybody accessing your website if you collect their i p address with, most people do automatically. You’re you’re technically subject that GDP are

[00:10:27.29] spk_2:
okay. Wait. All right, So you’re saying most web? Most websites automatically preserve the i p address of a visitor.

[00:10:36.34] spk_5:
Most do through, like, Google analytics or, you know, at least. Yeah, All these the analysts people use automatically get life he addressed with someone visits your website.

[00:10:43.64] spk_2:
Okay. And that then is an entering argument for GDP are to apply to your your website your your non profit

[00:11:34.01] spk_5:
Exactly. Just counsel our clients that you should really only be concerned if you’re collecting and be getting. Don’t you collecting information more than I p addresses to get it? It’s kind of Ah, it’s a risk reward. Be only getting a few I p addresses. You’re not doing anything with it. The odds are of GDP are becoming an issue on the regulators Looking at your not profit. Probably small, but okay, a lot not talk. But in this country that either have offices early, you or have people access routinely. So I’ll give you an example. We worked with a large, well known museum and when people come from your they often want to visit this museum in Manhattan. So they have ticketing and they’re having thousands of people not really least used to when people are travelling but museum tickets. Judy pr squarely applies. They have to comply.

[00:11:48.48] spk_2:
Okay, So beyond the beyond the this sort of perfunctory the i p address else. So if we don’t have ah location that people are buying tickets to come to, what other kind of data would would trigger the GDR for us?

[00:12:30.11] spk_5:
Any name and email address, you know, collecting that anybody resigned. And when I say the word residing, you don’t have to live there. So, technically, tony, if I went Teoh London and then made a donut, patients were not topping the US JD. Power applies to me with that trip is action. I’m now residing in the EU state token of somebody from the U is in the U. S. Exit donation to a non profit. Even though there are you sitting this in a transaction takes place in the U. S. GDP. Ours doesn’t apply. It’s a little bit complicated, but like I said it that today those

[00:12:30.46] spk_2:
those those are the exception. So let’s just deal with

[00:12:33.43] spk_5:
that at

[00:12:33.87] spk_2:
the mainstream. You got a new resident transacting from from the European Union. Um but let’s just assume all that you residents are in the the European Union for this conversation, right? None of them, they’re here. So

[00:14:01.36] spk_5:
So yeah, so replies just kind of get the kid like some of things you want to do. I say, like the low hanging fruit fidgety you are applies. The first thing is website privacy policy. I’m gonna talk about that a little bit more later in terms of a general privacy policy, the importance of it. But Virginia PRD is separate. Basically, GDP are notice that needs just list specific information. Uh, two people from the EU learning them of their rights. And some of the remedies they have, I’ve tell organizations of GDP are applies. The first thing you do is put a put a speeding car notice on your website. That’s something a regulator is the first thing they don’t look at. If you have, that is already one box check. That’s great. Thea. Other hurdle for a lot of non profit we work with is how to get, uh, what when someone wants upped and there’s no more opt out. Everything has to be in Upton and has to be a very specific and home up then, and this is probably the biggest challenge for a lot of non profits. It’s a much higher bar for consent. I’ll give you an example. No longer than you have to have a check. The box and the box says we are signing up to get email campaigns, periodic newsletters and other promotions, even if they check that box. Wegner Judy PR Let’s consider too broad, right? Every request for permission need to be very specific. You need to be clear and affirmative and very moment, one of the biggest challenges for Not

[00:14:10.45] spk_2:
question. So give me an example of of a consent that is properly worded.

[00:14:21.74] spk_5:
I hereby consent to the processing of my personal data for the price Rose Christ or period, not email newsletter, not general marketing purpose for a specific purpose. A price store. You could also say I’m I’m a I hereby consent to the processing of my data for your monthly newsletter. Now let’s say three months later, you have a new newsletter or different what you can no longer send them both newsletters. You don’t have to stand for that. You now have to go back to get the scent. You get one try. They don’t respond. You can’t go back to them again.

[00:14:47.79] spk_2:
Cannot. You can’t go back to them again.

[00:14:49.92] spk_5:
No. Cannot. And there’s no grandfather clause either. So you know a lot of people. At least couple years ago, I had all these names. They were wondering, what do we do? And you got one shot Thio going going to these folks and say, Hey, GDP, our allies way like to use your names. This way, please respond. Have you to get a response That said you can no longer market to these folks.

[00:15:30.84] spk_2:
Okay. All right. So you get one chance per each channel. Sort of. You don’t have to do it for each individual newsletter. I mean, individual mailing of the same newsletter. But But as you said, if you if you start a second newsletter on a different topic related to a different program, you’d have to get permission for that

[00:16:00.79] spk_5:
exactly right. And then the people that you do have kind of on your roster that you’re allowed Teoh work with the U there certain rights they have and these rights have to be passed on to the benders that not puppets work. With these age, everything’s in the cloud off. The odds are they’re using other folks that kind of help processes data. But anybody from the EU has the right of access. They have the right to know what you have about them. They have a right to a racer. They’re gonna ask you to delete their data at any time. You must comply with a certain period of time. They have the right to restrict processing. Yeah, you can use my data eat to give me a newsletter. But I don’t want to be in a cooperative where you’re sharing my name. Uh, they have the right the right to data portability. Give me everything you have and provide. Give it to this new provider on. They have the right to object to anything you’re doing with their data. And when we talk about the Jodi or notice the privacy policy, the privacy policy needs to kind of lift all these rights for EU people. You usually

[00:16:28.40] spk_2:
all right. And that policy needs to be on your website.

[00:16:31.95] spk_5:
Yeah, just like a regular privacy policy. But it needs to be a separate notice. It needs to be on the website prominently displayed.

[00:16:48.14] spk_2:
Okay. When you get consent for the processing of data around a particular purpose, do you need to remind people about their rights? Give them all these reactions, toe portability and the ratio, et cetera, or just one time on the website.

[00:16:55.11] spk_5:
No, No need to be part of your privacy notice. You don’t need to remind them proactively, but it needs to be listed in your GDP are profit privacy notice

[00:17:02.48] spk_2:
Privacy notice on your website.

[00:17:04.34] spk_4:
Yeah, right. Okay.

[00:17:05.86] spk_5:
And the fines are extremely high again for small missiles. Nonprofits to a very low interaction. I’m not concerned. Larger non puppets should be a little bit more aware and look concern. And, you know, one of the things you also need to be aware of. 1/3 party vendors GDP are now makes nonprofits directly responsible and liable for the axe or or emissions of the vendors that holding the state on your behalf. So you now need to give all these vendors specific provisions. Your mandated by GDP are specific. GDP are provisions that buying these benders to basically support your efforts to comply with GDP are so this is another hurdle.

[00:17:52.44] spk_2:
Okay. Um, all right, I would presume the largest vendors are acquainted with this by now, but you

[00:17:53.35] spk_5:
must have their own. Yeah,

[00:17:55.63] spk_2:
but you need to be proactive about ensuring that your vendors all do, whether small or large,

[00:18:00.84] spk_5:
Yeah, a lot profit use. It’s more of the small amount outside vendors, and they may have one in place, and the one they have a place might not be. You know, listen, that everyone takes a different approach. The vendor who supplies they’re all will be much more friendly towards them, so they should still be reviewed and negotiated.

[00:18:16.79] spk_2:
All right, so you’re asking, Are they GDP are compliant when you’re querying your vendors?

[00:18:23.40] spk_5:
Exactly. That May should also bishop. There needs to be the denim toe. Any contract that you have in place just not to get too technical, but the non profit who collects it. Who’s collecting? The data is called a data controller, right. They control the data, their vendors who helped process the data. So maybe a C. R M system, a black box, for example. They would be considered a data processor. Ben should be processing the data on behalf of the non profit who owns the data. So I’ll pop. It is data controller has kind of a much higher bar of requirements to me.

[00:19:03.14] spk_2:
All right. As long as you defined your terms, you keep yourself out of jargon. Jail on. All right. Um uh, Okay, well, there’s a New York law, but, you know, New York Shield, But our listeners are nationwide. So you want to just be much briefer about New York Shield just for our New York listeners?

[00:19:49.27] spk_5:
Yeah. Although New York still, tony, just like today PR, it doesn’t make a difference where you are. You collecting information from New York residents? It applies to you And I would argue is actually, it’s more important because the Jeep car that’s still question how the you will force it against a non profit who does not have offices in the U By how that happens. Nobody has seen yet. But but let’s put that aside, the New York Shelled Act gives the attorney general a public right of action. And certainly in New York, the New York Attorney General has a much further reach to go after not profit, whether they’re in New York or anywhere in the US, because we’re talking about the same country. So I would be as a non profit, more concern about New York Shield at this moment. First import most and then worry about you need your necks.

[00:20:01.72] spk_2:
Oh, all right, do other states. California is a pretty activist state. Do they have something similar that applies to all their residents?

[00:20:33.26] spk_5:
California has one called CCP A, but right now it does not apply to non profits. It only would implicate non profit ever have a four profit wing or Division A? Are there working with a four profit where, for example, be getting data from a company that’s getting from messages in CCP? A. The non papa should be concern at that vendor. Who’s providing you That data has complied with CCP A. But other than that, it doesn’t really apply to non profits.

[00:20:35.61] spk_2:
Okay, any other states.

[00:21:29.34] spk_5:
Massachusetts has had something for a long time, not too dissimilar from New York. But you need me. I think people are kind of and there are other unless there are other ones in the works. Colorado has won about us looking to pass something at some point. That’s in Kobe. 19 is for a lot of things on the back burner, but at some point we could have federal legislation, and you know what I counsel with non clap? It’s even which university BR came out and they said it doesn’t apply to me. I said, Even if it doesn’t, it probably makes sense of trying to comply his first ball. Everything’s moving towards greater accountability. Donors. Employees are getting more sensitive about Heather Data’s being used and starting to follow some of these protocols. Just make makes the non hop. It’s better stewards of the information they collect another day. We want to do like by these donors wanted to do right by our employees. The data were collected. So following somebody particles and they don’t apply is a smart practice because nothing wants unauthorized access to their systems.

[00:21:37.88] spk_2:
Okay, Okay. Um, the Massachusetts law is that limited to credit card information?

[00:22:05.54] spk_5:
No, let me call it. It’s a lot of different kinds of personal information, but has not been. I have not seen it really in forced on. A lot of organizations already have policies in place that kind of meet somebody obligations. And certainly if you’re if you start to meet the New York Field Act, which I think will be will be unless they enforce more vigorously, you’re probably OK on the on the Massachusetts

[00:22:10.22] spk_2:
front and the messages from Okay, so Yeah, that’s that’s true. In a lot of cases, like if you can comply with the New York law, you’re covered in a lot of other states because New York is so stringent. Um,

[00:22:22.40] spk_5:
I always say that you can make it here. You can make it anywhere. That was

[00:22:28.69] spk_2:
okay. Uh, yeah, but hey was intact. Think Sinatra was intending much more favorable. And the privacy compliance. All right, so what about New York Shield? You want toe? Give us an overview of that. What? What we should be concerned about this thing, This is if we’re collecting data from New York residents, that right?

[00:24:00.98] spk_5:
Exactly. Yeah, but I would argue I would take my most nonprofits to do any kind of real online access and gather data or getting donations. You probably have a, you know, at least amount from New York. But you know, many what may have a lot So certainly ones working on the East Coast would probably have a lot of New York residents accessing about side and giving information. So that’s about one of things. It expands. What constitutes a data breach, Uh, basically lowers that bar as well. So in terms of when you have to report a data breach, let’s put that piece of side. But this happened the most important thing for nonprofits to keep in mind. Now where? Why was them that says it may an individual one. Employees are pleased to coordinate data security program. This is key because most organizations don’t have one. This is the old saying. If you don’t know where you’re gullible, roads will take you there, and I’ve always counselled we have my non profit clients. If you don’t have somebody in charge of privacy, odds are nothing’s really happening on that front. So that’s good. This is a great example of even if you’re not collecting information of New York residents, you shouldn’t have a point person. Um, and what that point was it needs to do is he needs to look at, based upon your size and attack the information to collecting uh, that they have played a physical security tech technical security attacks, a compliance programs doing training were supposed to looking at Bender agreements and assessing risk. And now New York requires you to have certain provisions. Reasonable provision in every vendor agreement that makes me binds those vendors for doing the right things, that appropriate things in terms. Protecting the data you collect euros exposes, sensitively destroyed data when you no longer needed. And again, I know for many clients this ridiculous some of my clients and many non prop assistants in daunting. It’s not as hard to comply as they might think. And for some of our clients, I’m acting as that point person. It doesn’t have to be. And employees. It just needs to be somebody. So I’ve come in organizations. I’ve looked at the left look of the vendor agreements. Let’s see how things are being protected. Let’s look, if you’re doing training, just let’s look at the your overall approach to privacy and even and give a kind of annual advice that would get them a long way to comply. Europe show.

[00:25:04.84] spk_2:
Okay. Okay. Um, all right. And you know, good point also is you know, you said a few times Ah, it’s worthwhile to comply with these to the extent you can, even if you feel it doesn’t apply to you that the law may not apply, but it’s gets good practices.

[00:25:17.34] spk_5:
Yeah. I mean, listen, reaches typically happen from third party vendors That’s usually the case, because these days most people are using cloud providers or using third party vendors to kind of hold this data. If a breach occurs, a vendor’s Onley obligation is to tell you their client that the breach occurred. Your obligation under law. Is it now? No. Divide all the donors who stayed it might have been compromised. They could be credit monitoring costs. There could be legal costs that could be certain regulatory fines. So it’s it’s so example. New York, she’ll requires you to look at these vendor agreements and have certain terms in there. That’s just a smart thing to do. Third party vendor agreements are woefully one sided in favour of the vendors. They’re the ones drafting it on. And it just makes sense to review negotiate these agreements. We can certainly talk about you like five or six, uh, terms that should be in every vendor agreement you

[00:26:10.88] spk_4:
have. All right,

[00:26:11.21] spk_2:
You’re not gonna get to two. Ah, legalese on this. Are you mean I haven’t practiced? I haven’t practiced law since 1994 so

[00:26:19.35] spk_5:
I’m not

[00:26:20.09] spk_2:
gonna get technical for the non lawyer. The 99% of listeners who are not lawyers, right? Okay.

[00:27:12.94] spk_5:
You know, I can keep it. Very simple, just like. And I actually have a great checklist. I’m happy, you know, share with you, tony. People could reach out to me of things to keep in mind. But again, when you instill Ryan, you know, hopefully 98% of time, everything felt swimming. Well, it’s never an issue, but what they still wrong kind of pull out the contract. And again, these contracts very one sided, I joke because I mentioned before I used to work for a very large software company where I drafted a portion of their their client agreement. And then lately, I’ve had the opportunity to negotiate that agreement on behalf of clients. And I wind up rewriting the entire agreement and adding an extra 10 pages and and general counsel at this one company said, John. But you wrote the agreement, your last changing. But I’m on the other side of the deal. It’s a whole, uh, so it’s not just what’s in the agreement. That count

[00:27:20.67] spk_2:
doesn’t. That doesn’t make you That does not make you a hypocrite. People need to understand your allegiance at that time was different than your allegiance at the second time when you were rewriting the agreement that you were drafted in the first time. You’re not a hypocrite.

[00:27:29.68] spk_5:
No, no, no. We’ve fallen advocacy,

[00:27:31.74] spk_2:
advocacy. That’s what we call it. I have forgot that.

[00:27:34.82] spk_5:
Yeah, I’m advocating, but recognizing. I

[00:27:59.74] spk_2:
mean, you’re advocating. Okay. All right. Wait. So let me before you start taking these things off, just tell listeners eso if they would you want to reach you? If somebody wants to get this this checklist that you have He’s John J O N at Kerman and perlman dot com. And Perlman is p e r l m a n not like the, like, the gem or the stone. Whatever that. Whatever pearls are, it’s not like that. Okay, John, at prominent perlman dot com. Okay, you got 45 whenever five things, six. And

[00:30:18.68] spk_5:
get that quickly. Yeah, The 1st 1 is just the privacy of charity. You know, typically will be one of two sentences. We’ll take commercially reasonable practices, know in this day and age and with New York Shield when GDP are there apartments that they need to get a lot more meat on the bone in regard to how company will protect your information. So one of the elements you want to do is simply insert a lot of language that raises the bar again of what we spend it’s supposed to be doing and that they don’t do that. And there’s a breach. Now you have some kind of remedy, uh, to go back from limitation of liability. Every contact has it typically limits what a non topic can get. If there is any kind of loss or damage, anything goes wrong. So open just six months of these. Can’t you have to always negotiate that? They kind of data breach a date of event that we should be untapped direct at Mage is a but not profit is fully covered. The’s terms old Ausubel. I open get it, But you have to ask for it. You don’t ask for your not getting getting it. Uh, uh, rich notification really important. So if there’s a breach, I always put a section in that gets you both quick notification and get you all the credit monitoring and all the other costs. Regulatory fines cover. I’ve never had a better save. Noted that in the end it may take a few back and forth, you know, negotiations. Always a dance, but having a breach notification and uncovered cause it is essential to be two more transition service is when you want to leave the vendor. It’s very hard to leave fried when you’re working with somebody like relationship kind of know who who see the is added. That might broker but becomes very difficult. But transition service’s basically bond and surrender toe work with you for six months and with your new better of choice to make that transition seamless, very important to have that obligation in there. And finally, I would say, is, You know, during the court, in stage with when you’re working with a vendor, you get a whole types of promises. You’ll get lots of marking material. Here’s how the functionality hero features you got everything spray when you signed the contract, you’ll notice that almost there’s no mention just nowhere to be found. One of the biggest things I find my clients about difficulty with is where someone over promises and under delivers. How do you prove that it was not part of the contract? So all those kind of shining marking materials. All those handouts, all those things that give you. You have to attach that to the agreement reference, is it? So when I get things, don’t work out his plan. Now you can show why there’s a beach and what you can get out of the agreement. Very important.

[00:33:11.64] spk_1:
We need to take a break. Cougar Mountain Software. Their accounting product Denali, is built for non profits from the ground up. So you get an application that supports the way you work that has the features you need an exemplary support that understands the way you work. They have a free 60 day trial on the listener landing page at tony-dot-M.A.-slash-Pursuant. Now time for tony. Take two. Take another breath, doubling down on my advice from last week that you take some peaceful time. Um, whatever it is for you if it’s napping, if it’s walks. Um, I’m not thinking of exercise. Exercise is important, but I’m not thinking of runs right now or home workouts. I’m thinking of peaceful, relaxed, calm time putting your mind at ease. I’m talking like I’m tryingto get bring you down right now. I’m not. I’m just trying to give some ideas. This is not a meditation. That’s not a meditation minute. I did try meditation class. I loved it, Actually did something online with a woman who’s giving free meditation classes. Um, and for an hour, I was I was under hypnosis. Almost at almost. I was, uh, focused on breathing where the breath comes in, where I feel it very valuable. Eso maybe for you. It’s meditation, and I have never done that before. So that was unusual experience for me. But I loved it, and I hope to do some more with her. Whatever it is for you, you know you know what it is. Take it, Do it. Take the time for yourself. There’s a lot being asked of us that is unusual. And even if it’s more routine now than it was 456 weeks ago, it’s still stressful. We’re out of our routines, so be good to yourself. Self care, right self care. Take care of yourself. Do it each day. You deserve it. Please do it. That is tony. Take two Now back to data privacy practices.

[00:33:22.92] spk_2:
All right, if you were on both sides of this arguing because you said it’s a dance right so suppose you were on both sides. Which side would you? Which side would you give in and which side would win?

[00:34:09.68] spk_5:
You know, it’s funny, because I do represent, we have. We have clients that are often vendors. I think I’m very fair in Middle Road. I think, you know, given eight hours of myself come help with very for both sides. But you, tony, that’s a great example of Give you an answer. The limitation. Liability. I always think there should be reasonable carve outs. It shouldn’t be a car about unlimited liability again. It’s what offended would owe you. Something goes wrong. It shouldn’t be that anything goes wrong no matter what, Even if it’s not their fault, they should pay you. So, for example, a visit data peach. But they did everything they were supposed to do when they were so got hacked. That should not be uncapped. But I wait at my rivers, my clients, I I agree with that. But if they do something wrong and there’s a reach, their full, that’s beyond cat. What side of the Delamontagne? I’m always gonna push for both those.

[00:34:25.18] spk_2:
Okay. Okay. Eight hours with myself. I don’t know. I don’t know where I would go. I don’t want Oh, it’s not for public consumption, I’m sure. Um all right, so so is it. Is that what you say?

[00:34:36.09] spk_5:
I was thinking apocalypse. Now, that’s what happens when you have too much time on your

[00:34:44.04] spk_2:
OK. All right. Well, I was only r rated. All right, um, so it sounds like the difference. Maybe I’m getting too legalese now. It sounds like a different dream. Negligence, gross negligence and recklessness or something like that.

[00:35:21.99] spk_5:
Yeah, way. We’ll definitely end illegally. So I won’t go there. But those things are just sink. Since the name that contact get the most important thing for anybody listening is you need to have somebody review these agreements. Just don’t sign them. They’re always negotiable. Hopefully, you want somebody. And here is my biggest right. When I was at a black bond. Other companies that sometimes a lawyer who did not know understand technology, I wouldn’t really know what to ask, wouldn’t know had a mark up the agreement, make sure whoever you work with understands, right? They need to know what you’re getting. What the solution is to hopefully kind of protect your interests. So that would be like, he just have somebody who knows what they’re doing with you negotiating on your behalf.

[00:35:37.56] spk_2:
Okay. Cool. All right. Um, what else could we be looking at in this in this arena that can can protect us.

[00:37:17.21] spk_5:
Yeah. I’m gonna get you less than every non profit. If they don’t have, they should do immediately. That you have to think about updating. Are just checking in One is a plot privacy policy website. Privacy policies. Still a lot of non profit don’t have them if you have them. They’ve all from two drafted years ago. They have been updated. So the number of persons do is looking a privacy policy. Make sure it’s been updated. Last year, I would say it’s the transparency is the most important key. Do when you say it. Say what you do. Uh, in terms of the data you collect, you could almost almost do anything you want with it. If you’re transparent about it, you want to add you want oh, care with advertisers? Sure. You want to do you a cooperative? Fine. You want to even sell it? That’s often be possible. But you need to disclose that when somebody gives you the data, so having enough today, privacy policies really key if something goes wrong and people looking for privacy policy and you didn’t just close some of the ways you were sharing, and that’s where the data was lost to be a very big not only legal ramifications. Bobby CPR head. Andi even if we have a privacy policy and they need to be updated because things change all the time. What you were doing for years to the day, both in the back again in terms of how you’re analyzing in the front end has changed GDP. Ours would be an example in Europe shield. A lot of these things require certain statements in the privacy policy. Is your number one. Get a privacy policy. Make sure it’s updated. Make sure it’s accurate. Number two. You should also, in terms of use, terms of service that basically protects the organization, the views and don’t sweep it, then join your website. Very important, Uh, you know, what does that come from? Our what

[00:37:19.77] spk_2:
does that cover in terms of use in terms of service for website were just what does that cover what kind of

[00:37:24.71] spk_5:
anything anybody might do on the Web site in terms of making donations. When the rules, if you have a block, people post content. Or they can take your content, things that can and can’t do in the protection organization from a lot of different kind of legal planes. Just a kind of a standard document every non profit should

[00:37:40.00] spk_4:
have. Okay, Okay. Is that

[00:37:42.11] spk_2:
public to Is that on the website turned

[00:40:12.61] spk_5:
to use an exit privacy policy. Okay. Okay. Now a lot of charity navigator, uh, recommends that you actually have a separate donor profit privacy policy. Just why I read their privacy policy typically only covers when you collect online, they recommend to get the four stars that you have a separate donor privacy that speaks specifically to the information you collect from donors both offline and online. So some might want Consider whether it makes sense to have a separately for a daughter policy and a separate link for a privacy policy. Just like just why there, uh, we talk about bad nerves being an issue. So way kind of crossed that box. Look, pull out all your vendor agreements, see if you’re covered. It’s not when they come up for dual negotiate, I would say annually, no. Once a few years, you should do a privacy audit That’s more formal process where I typically even organization lots of different questions. All their different practices later the cyber security and privacy. And we see where the gaps are. But, you know, one thing I do is kind of a simple one is kind of member. The five W’s in the h. You’re kind of doing news. Recording the five question the six questions asked. They call the five W’s. What? Remember the what? Why, who, where, when and the how. So what is what data we’re collecting? A lot of organizations don’t understand all the data they’re collecting, so get a handle. What data is your collecting? Why, why? You clicked on the state of more many organizations like more David, I need more data. You have the work more risk. You have rights. Onley collected data you need who has access to the data again. People should only have access to the P I. I personally identifiable information you collect who need to have that access. More people have access. The more things that could go wrong. Where? Where’s a dork? Data store. It’s an offline. Are they locked in? Cabinets are there, you know, with vendors. Have it. Are there volunteers? You have access to it. So where is the data stored? When? When is the day to delete it? We’ll talk about that a couple minutes. But you should only keep dating for Florence. You needed and know lots of non profit clients get data for years and years. Even if somebody, for example, is and donated 10 years. The more data you key, the more risk of presidents a loss. And then how House of Data being protected, like in terms of all that, when the data’s being kept, How is it being protected? Really important question You kind of answer all those questions is initial step. You’ve already gone a lot further than a lot of organizations and and kind of being better stewards. That information you collect, uh,

[00:40:13.35] spk_2:
on the, um made 12th 7 dubbed 17 70 on the May 12th 2017 show, I had a guest on talking about cybersecurity insurance.

[00:40:27.61] spk_5:
Yeah,

[00:40:35.61] spk_2:
so now, so listeners could go back to that 5 12 17 show. You can get a lot more detail there because we spent the whole half hour talking just about insurance. But what? What are some key things you want to say about what cyber insurance could protect you against?

[00:42:00.94] spk_5:
You should definitely have a cybersecurity policy with two things. You should make sure your vendor has a cyber security policy. It should be large enough to protect you if something went wrong. So for these bigger vendors, that should be a minimum five million anywhere from 10 to 20 million. You should be named as what they call an additional assured on the benders policy. So you have a direct right and claim against their policy. Putting that aside you non toughest wanna have their own cyber security policy. Okay, they won’t have a policy that basically match the company’s risk that organizations risk that kind of work. They do. You need to make sure has the specific terms that that cover that organization. I’ll give you a great example. We have one plane, very large non profit. Had a head of non had a cyber security policy. They were paying over $100,000 a year for I read through it my joy is released. Things it didn’t apply to them. It was a sign of security policy for a service provider, not for a organization using service providers. So they had to get a new policy. Has something happened? They would have been covered. So I know people hate these policies along their involved, but somebody should read them before you sign them. Work with a good agent that have your attorney be the policy. But every organization listening should have their own cyber security policy a minimum of one million up to depends on the amount of data collecting, uh, you know, on an annual basis in the kind of transactions were doing.

[00:42:23.60] spk_2:
We all hate insurance, but you know, whether it’s auto or homeowners air, I got flood and wind, and but, you know, it’s peace of mind. So and all the you know, all the headlines we see. I mean, this stuff can apply to you as well. Like like we’re talking about. So, uh, you’re not You’re not. Yeah, you’re not. You’re not free because you’re not profit or you’re not, uh, safe.

[00:43:15.62] spk_5:
Yep. It’s all over. When There That you should have one is a data retention and destruction plan. And, you know, this goes back to some of the questions we’re talking about. A data audit you only want keep Davis, or as long as you need it and you want to make sure get rid of it the right way right away. That really destroys the data. So if you have your organization doesn’t have one. You really want a formal data retention destruction plan? By the way, if I didn’t mention it to your killer app requires you that have that a place. So again, you need to think about it. It’s a good practicing of New York shoulders, and if I every organization should have it. Also, business continuity plan. You know, this has come up a lot with Kobe. 19. You know, organization should have a plan in place when something China’s for profit happens, it would. You know, this pandemic was challenging forgiven organizations who had a plan. And I think now we’re over advising plans to take into account the sites of things. But you should have a planet. You know, one of your critical providers goes down. If there’s a data breach, who do you call? You know. How do you respond? New York Shield activity are required Response in a very short period of time. Tony, Order Gate to kind of mitigating organizational damage is the damage that can occur. You need to do the right things early on. So having that in place to support

[00:43:43.94] spk_2:
is this is this the same is a disaster recovery plan. Is that what

[00:43:47.66] spk_5:
you say? Yeah.

[00:43:48.11] spk_4:
Okay.

[00:44:07.99] spk_1:
Time for our last break. Turn to communications. They’re former journalists. So you get help getting your message through it is possible to be heard through the Corona virus cacophony. They know exactly what to do to make it happen. The turn hyphen two dot ceo we’ve got but loads more time for data Privacy practices.

[00:44:51.06] spk_2:
I had a whole show Are I have to show half an hour on disaster recovery plans. I don’t remember the date, but, um, the guest was dar d a r v vor ca v e v e r k a dar viveca choose from one of the non profit technology conference shows. So if you go toe tony-martignetti dot com when you’re looking for the 5 12 17 show on cyber insurance that when I did. I did get the date on that one. This? Ah, this one don’t have the date. But the guest was Dar v Barca on disaster recovery plans, including including sometimes that alternate locations. Even depending how bad the disaster is. You might need a backup location. Do you have that in place?

[00:44:59.89] spk_5:
Yeah, and usually that’s for the benders. Using someone hosting they should have that in place. But released are non profits. It’s more cola called when something bad happens. You know what the weather sex you take to mitigate into remedy.

[00:45:16.49] spk_4:
Okay. Okay. Um

[00:45:17.46] spk_5:
and then, tony, one other thing I’ll add is, you know, a lot of people in this goes to people working from home. It’s even more important. But a lot will use their own devices. Your own PC, sometimes accessing work stuff. You want to have what they called the wild, deep policy. Bring your own device to work one of the views. And, Jones, if you’re accessing information from your personal phone from your computer, what are you allowed to do when you What is it you shouldn’t do? A lot of this is just good training.

[00:45:53.59] spk_2:
Yeah, whether right. Whether even allowed to use your own device. But then there has to be a non profit provided advice and all right, what about? So this is you mentioned that? What about other? We have other data privacy concerns. I’m sure we do around, ah, distributed workforce. And, you know, I think they’re gonna be changes to do work life, and there may There may be a lot more remote employees going forward Then we’re accustomed to just two months ago. So what about this? Having a more distributed workforce and around data privacy?

[00:47:38.88] spk_5:
Yeah, exactly. I kind of when I think about over 19 have been speaking about There was a philosopher and physicist, Thomas Kuhn, and he had a term paradigm shift that, you know, once in a while once a couple 100 years is that is a paradigm shift that changed the way we think of the world. You know, Not Newton Newton’s right. What was a paradigm shift? Mechanics. The paradigm shift and you don’t usually know is a paradigm in ship until after it happens. Kind of like a recession. You can’t look back. I certainly think over 19 at least in the short term and made the lumber could be, you know, paradigm shift The way we’re approaching work when we approach our our lives outside of work has changed dramatically. And there’s challenges with that. Sure, only people working from home, uh, heightens the risk associated with with data breach and unauthorized access. I’ve talked to my colleagues that been studies. The amount of research that happened have gone up dramatically. I don’t know about you, tony, but literally every week I get emails from CBS Chase Bank Wal Mart over Me gift card. Tell me to click on a link. It looks like it’s CBs dot com, but look, the sub tomato. It’s nothing like that. Exactly. When people working from home, they’re not. They just can’t be a safe. So there are a lot of things digital kind of a 10 to Now that we have a remote workforce, Uh, like what? What’s that?

[00:47:39.46] spk_2:
Yeah, OK, I think we’re gonna go onto something else. Yeah, Like what?

[00:48:06.94] spk_5:
I don’t know. I can tell you. So you want to review if you have policies in place, review them. You don’t have policies in place. You need to kind of tell folks what’s expected of them when I’m working from home. Uh, need to communicate. You can’t over to communicate on these types of things. Training annual training would be helpful, but you’re a few of the things that could go wrong. Ah, lot of folks transfer, transfer organizational data to their email accounts and seventh and cells. A commercial email pound has a lot more protections in a personal email account. If they’re sending things from the from of the organization and downloading from emails, they should delete that email as soon as they get the day that they no longer need it. So don’t keep that in your emails that that could be hacked later on, uh, using personal cloud stores storage. Is that not all the same? Make sure the ones they’re using our secure physical document management. You know, we always think about digital data, but a lot of people bringing things from their office home and as a physical document, how is that being capped it when it’s all over leading houses being destroyed, it should be left in a car to be shredded. So let’s not. Let’s not forget about the security of physical documents, unsecured connections to employers if they’re not using BBN, that could be a problem. You need to make sure that people are accessing organizational information in a smart way.

[00:48:56.27] spk_4:
Yeah, that one.

[00:48:56.95] spk_2:
That that’s you. That’s where you have to look to your Internet service provider, right for the for the security that they’re providing on on your connection.

[00:49:42.97] spk_5:
Well, here’s the thing. That’s that’s about your home router. Personal public routers. Let’s talk about personal people have personal. Rather, you come into my home and you access trying to access my Internet. You need a 13 digit pass code. Most people don’t do that when they’re working from home. A lot of people keeping unsecured network. So would you recommend anybody work home should basically activate their round of firewall and, you know, and utilize malware on their computers and and make make everything password protected. So that’s a great example of you. Don’t people think I’m hold? Who’s gonna access my information? That could be easily hacked your home router?

[00:49:48.43] spk_2:
Yeah, okay. On our malware protection so that I mean, that’s something that the employees would have to subscribe to.

[00:49:55.27] spk_5:
Well, yeah. So we’re talking about non working shooters, right? Way are Yeah. You’re

[00:50:12.35] spk_2:
in your home? Yeah. I’m not writing home. I have next ride to where the company has got. The organization has to pay me to subscribe to, uh, malware bytes or something. One of the malware protection companies. Well, we’re in three Norton, 3 60 policies. Something like

[00:50:16.50] spk_5:
that. Yeah, well, working organization. But some of these things, like every router, comes to the ability to put put a password on it. So some of these things are just reminding employees and training them on best practices. Are you working from home here? Like the 10 tips you should be keeping in mind Remind them about from time to time. A lot of a lot of unauthorized access and data breaches. A large percentage could be avoided with just some kind of smart polluting practices.

[00:50:58.80] spk_2:
Okay. Okay. Yeah, there’s I think they’re gonna be a lot more people working from home. Ah, year from now than there were in 2019. Um, I mean, including on the employee side. I’ve heard from a few people that they like working from home. No. And there have been there. I just saw. I just saw study some research like yesterday or something, but were more productive when we’re working from home

[00:51:08.93] spk_5:
back. I

[00:51:45.12] spk_2:
don’t. Well, there’s a lot of reasons. Plus, it’s better for the environment. You save commuting costs, you save gas or public transit. We’re keeping people off the roads. It’s safer. Better for the environment. Yeah, there’s a lot of advantages. All right. Um, I’m you know, I’m a neo fighting all these things, but I know how to read. I can read and regurgitate. I’m like, I’m, like, a like a billboard that you put something on my forehead and then you can read it off my forehead. That Z that’s my role. Um, all right, so we got, like, another three minutes or so, Roughly. You want to leave us with? Yeah, I think you have some. Some resource is tools you can recommend.

[00:51:51.86] spk_5:
You know, I actually I have a lot of different checklists. You said you’re a billboard on a checklist maker s. So I have a variety demand check checklist related to both data data. Privacy on its GDP are policies which should be in there. Your privacy policy. What elements should be in there? No. People always ask me tony can you just give me privacy policy and, like, know who’s that? Privacy policy describes what you do. You know the worst thing that you take somebody else’s privacy policy from another wet side. A is copyright infringement, but it never fits where you’re doing. So I can give you a list, for example, elements that need to be every province in policy. But how you address those, for example, depends upon what your organization is doing with the data. How is it looking at in the back? It? How is this sharing what third party better is really working with? So a lot of my re sources are kind of best practices and tips. I’m happy. I know you get my email just before I’m strictly looking access. But what’s like? I’m happy to kind of, you know, give me some people toe, depending on their needs. Anything we talked about today, there’s a checklist for that.

[00:52:51.88] spk_2:
Uh, these aren’t on the check the silent on the Perlman website, though

[00:52:56.55] spk_5:
I don’t think we posted on the website. Typically, I like to hear what the client needs. Just before, I kind of threw out checklist because, you know, sometimes a lot of information to be overwhelming.

[00:53:14.11] spk_2:
Okay, so, John, at permanent perlman dot com. Um, all right, John. I mean, uh, is there anything you want, toe? I’ll give you a chance to close. And you want to close with?

[00:53:20.65] spk_5:
No, this is again. Thank you for the opportunity I started. I think our conversations saying that you know what I’ve seen? It’s not profits have really kind of lagged for profits and kind of, you know, taking some of these precautions. A lot of things you talk about are simply achieved. It takes a little time, little commitment, but taking some of these small steps, go a long way and come and you know you can never take it. You know, data breach on the north rise access off the table. But you can certainly kind of mitigate risks and be better stewards of the data you’re collecting on behalf of her donors. So I hope this was helpful again. And I love kind of counseling our clients on these types of information the sets of policies of because I know it puts them in better stead.

[00:54:46.34] spk_2:
Yeah. All right. John Janet Perlman and roman dot com. Thank you. very much for doing that, John. Thank you for sharing my pleasure. Next week. Maria Simple returns, plus a 20 NTC panel. If you missed any part of today’s show, I beseech you, find it on tony-martignetti dot com were sponsored by wegner-C.P.As guiding you beyond the numbers. Wegner-C.P.As dot com by Cougar Mountain Software Denali Fund Is there complete accounting solution made for nonprofits tony-dot-M.A.-slash-Pursuant Mountain for a free 60 day trial and by turned to communications, PR and content for nonprofits, your story is their mission. Turn hyphen. Two dot ceo Creative producer

[00:55:27.10] spk_0:
is clear. Meyer off. I did the postproduction. Sam Liebowitz managed The extreme shows Social Media is by Susan Chavez. Mark Silverman is our Web guy, and this music is by Scott Stein of Brooklyn. You with Me next week for non profit radio big non profit ideas for the other 95% Go out and be great talking alternative radio 24 hours a day.