Quick Improvements to Data Privacy: An Introduction for Leaders of Small Nonprofits and Agencies

The Massive Data Institute (MDI) at Georgetown University has released a brief on quick-to-implement privacy safeguards to protect sensitive data in resource-constrained community based organizations (CBOs) and government agencies.

👉 Look at the safeguards, talk to your team, and reach out if you need volunteer technical assistance:

Explore more about privacy safeguards and privacy-enhancing technologies (PETs) in our PET website .

This brief describes simple strategies to improve data privacy, particularly for smaller organizations that may not already have data security or data governance policies. The goal is to spur conversation between leaders and their staff who work most closely with their data about which safeguards will help reduce key privacy risks while being feasible given their infrastructure and mission needs. It suggests safeguards that can be implemented with minimal time and cost, such as:

Auto-deletion
Simplifying data values or adding ambiguity
Storing sensitive data separately
Splitting and aggregating data

Based on our past work helping nonprofits with similar issues, we include some questions that leaders can use to structure conversations with key stakeholders about what combination of safeguards to implement. The brief also has our contact information. If you would like to implement these types of changes but need short-term technical assistance (e.g., once a week for 1-3 months), we can try to connect you with an experienced volunteer from a civic technology organization.

This project was part of MDI’s broader mission to drive awareness and use of privacy engineering ideas in the education, social, and health sectors.