Technology and Data Privacy

Nonprofits act as stewards of the information entrusted to them by donors, beneficiaries, program participants, volunteers, and employees. Under numerous state, federal, and international legal frameworks, they are charged with protecting sensitive personal data. These new and quickly changing privacy laws address data storage and processing both domestically and internationally, with a complex web of requirements governing a wide range of information held by nonprofits. Proactive nonprofits act on emerging opportunities for data privacy compliance, online presence, and program-specific data handling, including programs related to minors. In doing so, they also mitigate risk of costly penalties, disruption of operations, and harm to the organization's reputation. Nonprofits need to respond well to data breaches or other incidents in order to comply with applicable regulations, mitigate risks, and communicate well with donors and other possibly affected parties. By incorporating data privacy by design into their corporate policies and culture, nonprofits can continue to serve at the vanguard of mission-driven work while serving as trusted stewards of both money and information.

Data Privacy Regulation Compliance

Evaluating compliance under applicable data privacy regulations, including GDPR, CPA, COPPA, and CAN SPAM, and organizational compliance and best practices.

Record Retention And Destruction Policies

Developing policies governing the receipt, storage, and destruction of records and other information, whether digital or not, to comply with applicable state, federal, and international regulations and to mitigate risk in the event of litigation or data breach.

Written Information Security Policies

Advising clients on systematic sets of protocols, security measures, and policies to protect confidential and restricted data.

Online Privacy Policies And Terms Of Use

Optimizing online privacy polices and user agreements or terms of use to synergize with existing policies and practices and to comply with applicable data privacy regulations.

Data Breach Response

Mitigating risk through well-developed data breach policies and procedures; assisting in communications and corrective actions following data incidents.

Our Team

Paul Winters
Jonathan Atkinson
Isabelle Flitsch
Adèle-Marie Buis
Back to Practices

Insights

04 / 12 / 22

My Most Recent Blog Post or Article Longer Than THE PREVIOUS ONE

Read More
August 23, 2023

2023 US Data Privacy Laws Impact Nonprofits

Read More
January 24, 2022

Some—Not All—Nonprofits Are Subject to HIPAA Requirements

Read More
November 23, 2021

How China’s New Data Privacy Framework Affects U.S. Nonprofits

Read More
March 22, 2021

Now Press “Record” - or Not?

Read More
May 21, 2019

California Takes the Lead in U.S. Data Privacy: The New Consumer Privacy Act and What Nonprofits Need to Know

Read More

Lead Attorney

Technology and Data Privacy
Paul Winters
Chicago, IL
paul@wagenmakerlaw.com+312.626.1600
Stay Connected
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.