Protect Church Members’ Personal Information
Churches commonly collect and store members’ personal information. Everything from mailing lists and donation records to Social Security numbers and payment card information may be kept in the average church database. Unsecured, this data could make church members vulnerable to criminals—putting ministries and church members at risk.
Carefully managing this information not only makes business sense, but it also can reduce the likelihood of crippling data loss, embarrassing public disclosures, and lawsuits.
What You Can Do: Improve Physical Security
Physical security is a vital aspect of data protection. The Better Business Bureau offers these data safety tips for small businesses on its website. To learn more, visit www.bbb.org/data-security.
- Shred papers containing personally identifiable information before throwing them away.
- Send and receive business mail from a secured mailbox or post office box.
- Verify a church member’s identity before providing any personal or financial information by telephone or email.
- Secure your building with locks and alarms.
- Store business, employee, and membership records in locked cabinets.
- Limit staff and volunteer access to sensitive information.
- Train office workers how to protect the privacy, confidentiality, and security of personal information.
What You Can Do: Improve Computer Security
Information stored on computers can be more difficult to guard because hackers can access the data without attracting the attention of anyone at the church. These tips will help you keep your computers secure.
- Hire an expert. Find an established computer support company that has a good reputation, stands behind its work, and comes highly recommended by other clients.
- Patch your operating system. This is your first line of defense, and it’s free. Software companies regularly issue free updates to close holes hackers could climb through. Download them as soon as you learn that they’re available.
- Own virus and spyware protection. This protection is essential, even for a one-computer office.
- Update virus definitions daily. Most software can be programmed to update virus definitions automatically. If your computer hasn’t updated its virus definitions in several days (or weeks), your subscription may have expired. Contact your software manufacturer.
- Scan computers weekly for malicious software. Most virus and spyware protection software can be programmed to do this automatically.
- Install a dependable firewall. Both hardware and software firewalls are designed to prevent unauthorized access to a network. Hardware ones tend to work best.
- Secure your wireless network. Use encryption to translate information into a secret code that computers can decipher only with the correct password. Otherwise, you’re inviting anyone with a wireless laptop to access church computers.
- Preserve critical data. Back up business records daily, weekly, or monthly, depending on the size of your church. Store backups in a secure, off-site location, such as a safe-deposit box. This protects your ministry from losing records to computer breaches and other events, such as tornadoes, floods, or fires.
- Limit access with passwords. Use passwords to limit employee and volunteer access to sensitive information. Train office workers to keep passwords private.
- Change passwords frequently. Be sure to issue new passwords when an employee or volunteer stops working in the office and no longer needs to view ministry records.