Skip to main content

Charities to gather 'round the table' for good data governance

Canberra charities work 24/7 to make our community a better place, so the last thing they need is another task. But this one’s essential to what they do, especially when working with vulnerable people – keeping their data efficient and secure.

This is where good data governance comes in.

Most not-for-profits (NFPs) collect data on their clients, partners, staff, volunteers or supporters since this could include identifying information like names, addresses, phone numbers or even signatures, so protecting it is vital.

Unfortunately, many local NFPs are lagging behind, putting them at risk of data breaches.

Standing at the forefront of secure technology in Canberra since the 1980s, experts at OPC IT have decided to remedy this. The team recently invited several charity leaders to a Roundtable discussion session, focusing on how to maintain the best data governance policies and practices specifically for NFPs.

Keynote speaker Jarod Strassmeir is partner development manager at AvePoint, a solutions provider working to modernise the digital workplace and build more robust data foundations for organisations around the world.

At the Roundtable, he spoke on the importance of organisation-wide education, modern security policies and placing effective ‘guardrails’ against data breaches.

“When it comes to NFPs, the biggest changes that need to be made are around ease of file sharing,” he says.

“It’s crucial that decision-makers understand where files are being shared, who has access to them, how they can be used and what can go wrong if the data within them isn’t secure.

“For example, if a file is shared to a client from a folder, but the whole folder is shared and there are no guardrails in place, they could easily view, edit, distribute or even destroy sensitive information.”

Jarod also warns against keeping data forever ‘just in case’, suggesting administrators minimise their risk by archiving old information rather than storing it in primary systems.

So, where does good data governance start?

The first step is to develop an overarching framework that is taught throughout the entire organisation. It should outline everything from internal processes to follow when handling data to the tools used to process it, who can access it and what they can do with it.

“Every member of the team should be clear on what they need to do to keep the information they work with safe and up to date,” Jarod says.

“Not all staff need access to everything. Sharing should be on a need-to-know basis, and a governance framework should be tailored to your specific organisation.”

OPC’s operations manager Peter Shobbrook stresses how critical state-of-the-art data tools are to navigating the digital landscape.

“Using the AvePoint tools has been a game-changer, allowing us to proactively identify and address risks across our client network,” he says.

“In several instances, we’ve uncovered sensitive documents, such as staff pay details, that were inadvertently accessible to all employees.

“The reporting features of AvePoint tools have proven to be invaluable, offering OPC the necessary data to present to boards and committees with clear insights, thereby supporting informed decision-making processes.”

Data governance is a continuous process that requires ongoing management. Whether an NFP has in-house experts or outsources to a reputable provider, they must keep their team informed on governance changes as the digital world continues to evolve.

“At their core, charities are all about people,” Jarod says.

“Protecting their most valuable assets – the people they work with – also means protecting their data. The best way to do this is staying educated, consistent and committed to secure policies.”

Questions or concerns about good data governance? Get in touch with the team at OPC.

Read More on Riotact