October 13, 2015
In recent years, many of the biggest companies in the world have been victims of major data breaches. During that same time, thousands of small- and medium-sized businesses, including non-profit organizations, have also had their data compromised. Whether your organization is large or small, it’s critical to be prepared for a data breach. These steps can help.
Step 1 – Create a Breach Response Team. This cross-functional team should coordinate efforts throughout an entire enterprise and be the primary contacts should a breach occurs.
Step 2 – Assess storable data. It’s critical that know what information is being stored so an appropriate response can be launched. Here’s what’s critical to know:
• What type of data is being held about members, contributors, employees and vendors?
• Where is that data stored?
• Which systems handle this data and are security protocols and tools current?
• Which team members are responsible for each of those systems?
• Do any third parties handle your member data?
Step 3 – Assess existing liabilities and obligations. Once sensitive information in data files is known, a suitable action can be deployed on behalf of those parties who must be notified timely. Who must be notified and when? Who are you required to notify? How soon do they need to be notified?
Step 4 – Create a contact list. Identify stakeholders who need immediate notification. That may include • Team members to be available to respond to unexpected necessities.
• Legal advisors to ensure all obligations are identified and included in the plan.
• All key contributors and partners who need to be informed or advised of a breach.
Step 5 – Create a communication plan. The sooner you alert your members are alerted, the better the long term outcome. Essential to communication are:
• How and when how and when members are alerted
• Who will address key contributors
• How and if this information to the media will be informed.
Step 6 – Don’t Panic. If a breach does occur and the above plan is in place, response should be automatic:
1. Contact the Breach Response Team and trust them to execute their tasks
2. Identify the data that has been compromised and take immediate steps to stop the breach and/or take the data offline.
3. Contact legal advisors to ensure all necessary legal steps are prepared.
4. If necessary, tailor a communication plan according to legal notification requirements.
5. Follow the detailed communication plan and alert the affected stakeholders (members, vendors, contributors, etc.)
This article is part of our continuing series to help our members better understand how to prepare and respond to a data breach. Look for our next article, “Shining a Light on the Dark Web”. Coming soon: Product solutions to help you prepare and respond to a data breach. Current First Nonprofit members and clients have access to Cyber Monitoring at no charge. Members can sign up here: https://firstnonprofit.com/cyber-monitoring-benefit-sign-up-form/
Ready to chat? Get in touch today to request a no-obligation savings evaluation.
We first started using First Nonprofit’s Unemployment Savings Program when we were a small startup nonprofit. We didn’t have an HR department and needed expertise in the event that an unemployment claim was made. We knew we were eligible to be a reimbursing employer, but weren’t sure how to navigate that process. They made it easy to set things up, plan for, and then manage claims when they came at a very reasonable cost. The amount of time and stress they’ve saved us dealing with all this has been worth way more than the cost. We’ve now grown to a large nonprofit and do have an HR department but have no plans to stop using their services. I highly recommend them to every nonprofit I come into contact with!
Throughout our membership in the Unemployment Savings Program, First Nonprofit understood our demands, community dynamics, and the importance of seamless services; that allowed us to serve our constituents better.
Because INCS advocates for the operating conditions that allow charter public schools to provide high quality public education, partnering with First Nonprofit was an easy decision. First Nonprofit’s unemployment programs provide our member schools two operating elements crucial to their ability to provide high quality public education: savings and budget certainty. Capable, committed teachers are the key to student success. By participating in the unemployment insurance savings plan, charter public schools gain peace of mind and are able to invest more money in their teachers.
It has been our sincere pleasure to maintain a strong, vibrant business partnership with First Nonprofit. We greatly admire their strong industry knowledge, technical expertise, constant professionalism, knowledgeable and dedicated staff. They are always extremely responsive, personable and provide us with the necessary guidance and recommendations on a numerous variety of employment scenarios.
NYCON members who use First Nonprofit’s programs enjoy enduring savings and improved efficiency. Our association knows that success, because from the beginning, we achieved the same great benefits. Great savings, seamless technology, and responsive service. NYCON highly recommends First Nonprofit’s remarkable unemployment solutions.
Visually Impaired Preschool Services has been a client of First Non-Profit since it was first offered as a benefit of VisionServe Alliance. We completed a thorough evaluation of cash savings to our agency before taking advantage of this wonderful benefit and it has been a very wise decision. Our experience with the processes from accounting to claims have been professional, expeditious and easy.
Luckily for us, our interactions regarding any issues with staffing has been very minimal! I can say that all other interactions with regards to billing, 941 reporting, etc. have been extremely pleasant, accommodating and easy to work with. Kim Ghanayem is always prompt, professional and friendly. Thank you so much!
First Nonprofit has been easy to work with and makes the administrative process easier and smoother. We enjoy working with you.